Publicação
A scalable, real-time packet capturing solution
| Resumo: | The evolution of technology and the increasing connectivity between devices lead to an increased risk of cyberattacks. Good protection systems, such as Intrusion Detection System (IDS) and Intrusion Prevention System (IPS), are essential in trying to prevent, detect and counter most of the attacks. However, the increasing creativity and type of attacks raise the need for more resources and processing power for the protection systems which, in turn, requires horizontal scalability to keep up with the massive companies’ network infrastructure and with the complexity of attacks. Technologies like machine learning, show promising results and can be of added value in the detection and prevention of attacks in real-time. But good algorithms and tools are not enough. They require reliable and solid datasets to be able to effectively train the protection systems. The development of a good dataset requires horizontalscalable, robust, modular and fault-tolerance systems, so that the analyses may be done also in real-time. This paper describes an architecture for horizontal-scaling capture architecture, able to collect packets from multiple sources and prepared for real-time analysis. It depends on multiple modular nodes with specific roles to support different algorithms and tools. |
|---|---|
| Autores principais: | Oliveira, Rafael Cardoso de |
| Outros Autores: | Almeida, João P.; Praça, Isabel; Lopes, Rui Pedro; Pedrosa, Tiago |
| Assunto: | Packet capture Packet storage Distributed system Machine learning |
| Ano: | 2021 |
| País: | Portugal |
| Tipo de documento: | comunicação em conferência |
| Tipo de acesso: | acesso restrito |
| Instituição associada: | Instituto Politécnico de Bragança |
| Idioma: | inglês |
| Origem: | Biblioteca Digital do IPB |
| Resumo: | The evolution of technology and the increasing connectivity between devices lead to an increased risk of cyberattacks. Good protection systems, such as Intrusion Detection System (IDS) and Intrusion Prevention System (IPS), are essential in trying to prevent, detect and counter most of the attacks. However, the increasing creativity and type of attacks raise the need for more resources and processing power for the protection systems which, in turn, requires horizontal scalability to keep up with the massive companies’ network infrastructure and with the complexity of attacks. Technologies like machine learning, show promising results and can be of added value in the detection and prevention of attacks in real-time. But good algorithms and tools are not enough. They require reliable and solid datasets to be able to effectively train the protection systems. The development of a good dataset requires horizontalscalable, robust, modular and fault-tolerance systems, so that the analyses may be done also in real-time. This paper describes an architecture for horizontal-scaling capture architecture, able to collect packets from multiple sources and prepared for real-time analysis. It depends on multiple modular nodes with specific roles to support different algorithms and tools. |
|---|