Cargando…
Acceleration of Intrusion Detection in Encrypted Network Traffic Using Heterogeneous Hardware †
More than 75% of Internet traffic is now encrypted, and this percentage is constantly increasing. The majority of communications are secured using common encryption protocols such as SSL/TLS and IPsec to ensure security and protect the privacy of Internet users. However, encryption can be exploited...
| Autores principales: | , |
|---|---|
| Formato: | Online Artículo Texto |
| Lenguaje: | English |
| Publicado: |
MDPI
2021
|
| Materias: | |
| Acceso en línea: | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC7915898/ https://www.ncbi.nlm.nih.gov/pubmed/33562000 http://dx.doi.org/10.3390/s21041140 |
| _version_ | 1783657354398531584 |
|---|---|
| author | Papadogiannaki, Eva Ioannidis, Sotiris |
| author_facet | Papadogiannaki, Eva Ioannidis, Sotiris |
| author_sort | Papadogiannaki, Eva |
| collection | PubMed |
| description | More than 75% of Internet traffic is now encrypted, and this percentage is constantly increasing. The majority of communications are secured using common encryption protocols such as SSL/TLS and IPsec to ensure security and protect the privacy of Internet users. However, encryption can be exploited to hide malicious activities, camouflaged into normal network traffic. Traditionally, network traffic inspection is based on techniques like deep packet inspection (DPI). Common applications for DPI include but are not limited to firewalls, intrusion detection and prevention systems, L7 filtering, and packet forwarding. With the widespread adoption of network encryption though, DPI tools that rely on packet payload content are becoming less effective, demanding the development of more sophisticated techniques in order to adapt to current network encryption trends. In this work, we present HeaderHunter, a fast signature-based intrusion detection system even for encrypted network traffic. We generate signatures using only network packet metadata extracted from packet headers. In addition, we examine the processing acceleration of the intrusion detection engine using different heterogeneous hardware architectures. |
| format | Online Article Text |
| id | pubmed-7915898 |
| institution | National Center for Biotechnology Information |
| language | English |
| publishDate | 2021 |
| publisher | MDPI |
| record_format | MEDLINE/PubMed |
| spelling | pubmed-79158982021-03-01 Acceleration of Intrusion Detection in Encrypted Network Traffic Using Heterogeneous Hardware † Papadogiannaki, Eva Ioannidis, Sotiris Sensors (Basel) Article More than 75% of Internet traffic is now encrypted, and this percentage is constantly increasing. The majority of communications are secured using common encryption protocols such as SSL/TLS and IPsec to ensure security and protect the privacy of Internet users. However, encryption can be exploited to hide malicious activities, camouflaged into normal network traffic. Traditionally, network traffic inspection is based on techniques like deep packet inspection (DPI). Common applications for DPI include but are not limited to firewalls, intrusion detection and prevention systems, L7 filtering, and packet forwarding. With the widespread adoption of network encryption though, DPI tools that rely on packet payload content are becoming less effective, demanding the development of more sophisticated techniques in order to adapt to current network encryption trends. In this work, we present HeaderHunter, a fast signature-based intrusion detection system even for encrypted network traffic. We generate signatures using only network packet metadata extracted from packet headers. In addition, we examine the processing acceleration of the intrusion detection engine using different heterogeneous hardware architectures. MDPI 2021-02-06 /pmc/articles/PMC7915898/ /pubmed/33562000 http://dx.doi.org/10.3390/s21041140 Text en © 2021 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (http://creativecommons.org/licenses/by/4.0/). |
| spellingShingle | Article Papadogiannaki, Eva Ioannidis, Sotiris Acceleration of Intrusion Detection in Encrypted Network Traffic Using Heterogeneous Hardware † |
| title | Acceleration of Intrusion Detection in Encrypted Network Traffic Using Heterogeneous Hardware † |
| title_full | Acceleration of Intrusion Detection in Encrypted Network Traffic Using Heterogeneous Hardware † |
| title_fullStr | Acceleration of Intrusion Detection in Encrypted Network Traffic Using Heterogeneous Hardware † |
| title_full_unstemmed | Acceleration of Intrusion Detection in Encrypted Network Traffic Using Heterogeneous Hardware † |
| title_short | Acceleration of Intrusion Detection in Encrypted Network Traffic Using Heterogeneous Hardware † |
| title_sort | acceleration of intrusion detection in encrypted network traffic using heterogeneous hardware † |
| topic | Article |
| url | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC7915898/ https://www.ncbi.nlm.nih.gov/pubmed/33562000 http://dx.doi.org/10.3390/s21041140 |
| work_keys_str_mv | AT papadogiannakieva accelerationofintrusiondetectioninencryptednetworktrafficusingheterogeneoushardware AT ioannidissotiris accelerationofintrusiondetectioninencryptednetworktrafficusingheterogeneoushardware |