Please use this identifier to cite or link to this item:
http://hdl.handle.net/10603/234526
Title: | DPI based forensic analysis of network traffic using grid infrastructure |
Researcher: | Sharma, Jyotsna |
Guide(s): | Singh, Maninder |
Keywords: | Deep packet inspection; Forensic analysis; Grid computing; Network security |
University: | Thapar Institute of Engineering and Technology |
Completed Date: | 2016 |
Abstract: | Security threats have evolved from simple attacks such as virus infections to more sophisticated ones like the application-layer buffer overflow, DDoS, phishing and many zero-day variants. Such threats have significantly altered the requirements for modern network security architecture. To detect and prevent these threats, a completely new kind of security system is required which is highly proactive as well as reactive. To protect a network from complex, sophisticated attacks, the security system should have the ability to learn from the behaviour of past attacks and be prepared to thwart similar attacks, or attacks from similar sources, in the future. A quick response time for such a detection, analysis and learning system is the key to a strong and reliable security system. Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS) monitor network and/or host activities for anomalous behaviour and react in real time to block or prevent them. Traditional IDS/IPS use signature matching or anomaly detection techniques which work well for known attacks but fail to detect new attacks. Another drawback is the generation of too many false positive alerts, in which the IDS mistakes legitimate traffic for an attack. An Intrusion Detection System based on Deep Packet Inspection (DPI) technology, where the appliance has the mechanism to look within the application payload of the traffic by inspecting every byte of every packet, has the ability to detect intrusions which are more difficult to detect than simple attacks. Real-time monitoring of the payload at any level requires significant human and hardware resources, and does not scale to networks larger than a single workgroup. It is more practical to archive all traffic and analyze subsets as necessary. This process, also known as reconstructive traffic analysis, or network forensics, can enhance the security of the network and also be useful for the investigation of attacks. |
Pagination: | xix, 179p. |
URI: | http://hdl.handle.net/10603/234526 |
Appears in Departments: | Department of Computer Science and Engineering |
Files in This Item:
File | Description | Size | Format
---|---|---|---
file10(references).pdf | Attached File | 188.93 kB | Adobe PDF
file11(publications).pdf | | 52.2 kB | Adobe PDF
file1(title).pdf | | 55.16 kB | Adobe PDF
file2(certificate).pdf | | 196.82 kB | Adobe PDF
file3(preliminary pages).pdf | | 295.49 kB | Adobe PDF
file4(chapter 1).pdf | | 1.01 MB | Adobe PDF
file5(chapter 2).pdf | | 671.63 kB | Adobe PDF
file6(chapter 3).pdf | | 521.17 kB | Adobe PDF
file7(chapter 4).pdf | | 912.91 kB | Adobe PDF
file8(chapter 5).pdf | | 288.85 kB | Adobe PDF
file9(chapter 6).pdf | | 72.99 kB | Adobe PDF
Items in Shodhganga are licensed under Creative Commons Licence Attribution-NonCommercial-ShareAlike 4.0 International (CC BY-NC-SA 4.0).