Please use this identifier to cite or link to this item: http://hdl.handle.net/10603/234526
Full metadata record
DC Field | Value | Language
dc.coverage.spatial | |
dc.date.accessioned | 2019-03-26T09:03:23Z | -
dc.date.available | 2019-03-26T09:03:23Z | -
dc.identifier.uri | http://hdl.handle.net/10603/234526 | -
dc.description.abstract | Security threats have evolved from simple attacks such as virus infections to more sophisticated ones like the Application-layer buffer overflow, DDoS, Phishing and many zero-day variants. Such threats have significantly altered the requirements for modern network security architecture. To detect and prevent these threats, a completely new kind of security system is required which is highly proactive as well as reactive. To protect a network from complex, sophisticated attacks, the security system should have the ability to learn from the behaviour of the past attacks and get prepared to thwart similar attacks or attacks from similar sources in the future. A quick response time for such a detection, analysis and learning system is the key to a strong and reliable security system. Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS) monitor network and/or host activities for anomalous behaviour and react in real-time to block or prevent them. Traditional IDS/IPS use signature matching or anomaly detection techniques which work fine for known attacks but fail to detect new attacks. Another drawback is the generation of too many false positive alerts in which the IDS mistakes legitimate traffic for an attack. An Intrusion Detection System based on Deep Packet Inspection (DPI) technology, where the appliance has the mechanism to look within the application payload of the traffic by inspecting every byte of every packet, has the ability to detect intrusions which are more difficult to detect as compared to the detection of simple attacks. The real-time monitoring of the payload at any level requires significant human and hardware resources, and does not scale to networks larger than a single workgroup. It is more practical to archive all traffic and analyze subsets as necessary. The process, also known as reconstructive traffic analysis, or network forensics, can enhance the security of the network and also be useful for the investigation of the attacks. |
dc.format.extent | xix, 179p. |
dc.language | English |
dc.relation | |
dc.rights | university |
dc.title | DPI based forensic analysis of network traffic using grid infrastructure |
dc.title.alternative | |
dc.creator.researcher | Sharma, Jyotsna |
dc.subject.keyword | Deep packet inspection |
dc.subject.keyword | Forensic analysis |
dc.subject.keyword | Grid computing |
dc.subject.keyword | Network security |
dc.description.note | |
dc.contributor.guide | Singh, Maninder |
dc.publisher.place | Patiala |
dc.publisher.university | Thapar Institute of Engineering and Technology |
dc.publisher.institution | Department of Computer Science and Engineering |
dc.date.registered | |
dc.date.completed | 2016 |
dc.date.awarded | |
dc.format.dimensions | |
dc.format.accompanyingmaterial | None |
dc.source.university | University |
dc.type.degree | Ph.D. |
Appears in Departments: Department of Computer Science and Engineering

Files in This Item:
File | Description | Size | Format
file10(references).pdf | Attached File | 188.93 kB | Adobe PDF
file11(publications).pdf | | 52.2 kB | Adobe PDF
file1(title).pdf | | 55.16 kB | Adobe PDF
file2(certificate).pdf | | 196.82 kB | Adobe PDF
file3(preliminary pages).pdf | | 295.49 kB | Adobe PDF
file4(chapter 1).pdf | | 1.01 MB | Adobe PDF
file5(chapter 2).pdf | | 671.63 kB | Adobe PDF
file6(chapter 3).pdf | | 521.17 kB | Adobe PDF
file7(chapter 4).pdf | | 912.91 kB | Adobe PDF
file8(chapter 5).pdf | | 288.85 kB | Adobe PDF
file9(chapter 6).pdf | | 72.99 kB | Adobe PDF


Items in Shodhganga are licensed under Creative Commons Licence Attribution-NonCommercial-ShareAlike 4.0 International (CC BY-NC-SA 4.0).
