Endre søk
RefereraExporteraLink to record
Permanent link

Direct link
Referera
Referensformat
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Annet format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annet språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf
A Fragment Hashing Approach for Scalable and Cloud-Aware Network File Detection
Karlstads universitet, Fakulteten för hälsa, natur- och teknikvetenskap (from 2013), Institutionen för matematik och datavetenskap (from 2013). (DISCO)ORCID-id: 0000-0003-3461-7079
2018 (engelsk)Inngår i: Proceedings of NTMS 2018 Conference and Workshop, New York: IEEE, 2018, s. 1-5Konferansepaper, Publicerat paper (Fagfellevurdert)
Abstract [en]

Monitoring networks for the presence of some particular set of files can, for example, be important in order to avoid exfiltration of sensitive data, or combat the spread of Child Sexual Abuse (CSA) material. This work presents a scalable system for large-scale file detection in high-speed networks. A multi-level approach using packet sampling with rolling and block hashing is introduced. We show that such approach together with a well tuned implementation can perform detection of a large number of files on the network at 10 Gbps using standard hardware. The use of packet sampling enables easy distribution of the monitoring processing functionality, and allows for flexible scaling in a cloud environment. Performance experiments on the most run-time critical hashing parts shows a single-thread performance consistent with 10Gbps line rate monitoring. The file detectability is examined for three data sets over a range of packet sampling rates. A conservative sampling rate of 0.1 is demonstrated to perform well for all tested data sets. It is also shown that knowledge of the file size distribution can be exploited to allow lower sampling rates to be configured for two of the data sets, which in turn results in lower resource usage.

sted, utgiver, år, opplag, sider
New York: IEEE, 2018. s. 1-5
Emneord [en]
Monitoring, Databases, Metadata, Hardware, Throughput, Forensics, System analysis and design
HSV kategori
Forskningsprogram
Datavetenskap
Identifikatorer
URN: urn:nbn:se:kau:diva-67375DOI: 10.1109/NTMS.2018.8328746ISI: 000448864200076ISBN: 978-1-5386-3662-6 (digital)ISBN: 978-1-5386-3663-3 (tryckt)OAI: oai:DiVA.org:kau-67375DiVA, id: diva2:1209861
Konferanse
2018 9th IFIP International Conference on New Technologies, Mobility & Security, 26-28 February 2018, Paris, France
Tilgjengelig fra: 2018-05-24 Laget: 2018-05-24 Sist oppdatert: 2019-06-17bibliografisk kontrollert

Open Access i DiVA

Fulltekst mangler i DiVA

Andre lenker

Forlagets fullteksthttps://ieeexplore.ieee.org/document/8328746/

Personposter BETA

Garcia, Johan

Søk i DiVA

Av forfatter/redaktør
Garcia, Johan
Av organisasjonen

Søk utenfor DiVA

GoogleGoogle Scholar

doi
isbn
urn-nbn

Altmetric

doi
isbn
urn-nbn
Totalt: 3904 treff
RefereraExporteraLink to record
Permanent link

Direct link
Referera
Referensformat
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Annet format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annet språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf