Online Policy Enforcement on Heavy Network Traffic Using Protocol Parsers

Please enable javascript in your browser.

Ebrahimi, Alireza | 2017

331 Viewed

Type of Document: M.Sc. Thesis
Language: Farsi
Document No: 51486 (19)
University: Sharif University of Technology
Department: Computer Engineering
Advisor(s): Jalili, Rasool
Abstract:
In recent years, internet traffic is experiencing an explosive growth. High performance networking in large scale computer networks creates several security challenges. Exploiting Deep Packet Inspection (DPI) is regarded as a big challenge especially for massive data when number of concurrent connections grows. Using simple security based on network layer data can easily avaded by attackers and also can not detect more sophisticated attacks like DDoS. In this paper we proposed a new grammar model named bidirectional asynchronous counting grammar and it’s automata. With this grammar model we can define policies based on extracted fields in both request and response flows. Using new model of asynchronous policy enforcement significantly impoved our mothod’s performance. In this paper we also proposed a fault tolerant distributed system that uses our new grammar model automata and actors. We used this model to implement a field extraction engine that can process more than 15 Gbps on HTTP traffic
Keywords:
Policy Enforcement ; Protocol ; Network Security ; Network Traffic ; Parser

No TOC