Intrusion analysis with deep packet inspection: Increasing efficiency of packet based investigations

2 Author(s)
Smallwood, D. ; Comput. Sci. Corp., Falls Church, VA, USA ; Vance, A.

Cloud computing's distributed architecture helps ensure service resilience and robustness. However, cloud architectures also increase dynamic data communications, which inherently increases security risks. Examination of industry practice has revealed that increased data volume, as a result of increased communication, diminishes the efficiency of deep packet inspection (DPI). DPI is essential in protecting the cloud against malicious threats such as web exploits, zero-day attacks, data exfiltration, and malware-based botnets. In this paper, we evaluate the effectiveness of a new utility that was developed to improve retrospective packet analysis and was tested against actual data center traffic from a large regional Internet Access Provider providing cloud services. Blitzdump is a lightning-fast network data packet capture utility developed to improve network intrusion detection through deep packet inspection analysis. Implementation results indicate that it outperformed existing techniques in terms of query function performance, ultimately improving efficiency in query responses by up to 6000%. Blitzdump reduces security risks by increasing the technical performance of intrusion detection to improve the security practitioner's productivity and effectiveness.

Published in:

Cloud and Service Computing (CSC), 2011 International Conference on

Date of Conference:

12-14 Dec. 2011