Integrated Network Traffic Processing Framework
Integrated Network Traffic Processing Framework
diploma thesis (DEFENDED)
View/
Permanent link
http://hdl.handle.net/20.500.11956/8151Identifiers
Study Information System: 44698
Collections
- Kvalifikační práce [11237]
Faculty / Institute
Faculty of Mathematics and Physics
Discipline
Software systems
Department
Department of Software Engineering
Date of defense
5. 2. 2007
Publisher
Univerzita Karlova, Matematicko-fyzikální fakultaLanguage
English
Grade
Excellent
Knowledge of what data are carried by network links is crucial to be able to prevent attacks and to improve quality of services. Therefore it is important to develop network monitoring tools which can operate on speeds of new gigabit networks. This thesis discusses general principles of designing a highly flexible framework which is divided into several levels. These spread across various hardware and software environments. This allows us to keep up with a gigabit speed. We show details on an extension of the FFPF framework to run on top of an IXP based PCI board. In addition, we present an implementation of Ruler, a language for packet pattern matching and data anonymization, implemented for highspeed traffic monitoring using IXP network processor. This work also presents performance evaluation, discussion of bottle-necks, general problems and compares with other related projects.