Ändra sökning
RefereraExporteraLänk till posten
Permanent länk

Direktlänk
Referera
Referensformat
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Annat format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annat språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf
A Fragment Hashing Approach for Scalable and Cloud-Aware Network File Detection
Karlstads universitet, Fakulteten för hälsa, natur- och teknikvetenskap (from 2013), Institutionen för matematik och datavetenskap (from 2013). (DISCO)ORCID-id: 0000-0003-3461-7079
2018 (Engelska)Ingår i: Proceedings of NTMS 2018 Conference and Workshop, New York: IEEE, 2018, s. 1-5Konferensbidrag, Publicerat paper (Refereegranskat)
Abstract [en]

Monitoring networks for the presence of some particular set of files can, for example, be important in order to avoid exfiltration of sensitive data, or combat the spread of Child Sexual Abuse (CSA) material. This work presents a scalable system for large-scale file detection in high-speed networks. A multi-level approach using packet sampling with rolling and block hashing is introduced. We show that such approach together with a well tuned implementation can perform detection of a large number of files on the network at 10 Gbps using standard hardware. The use of packet sampling enables easy distribution of the monitoring processing functionality, and allows for flexible scaling in a cloud environment. Performance experiments on the most run-time critical hashing parts shows a single-thread performance consistent with 10Gbps line rate monitoring. The file detectability is examined for three data sets over a range of packet sampling rates. A conservative sampling rate of 0.1 is demonstrated to perform well for all tested data sets. It is also shown that knowledge of the file size distribution can be exploited to allow lower sampling rates to be configured for two of the data sets, which in turn results in lower resource usage.

Ort, förlag, år, upplaga, sidor
New York: IEEE, 2018. s. 1-5
Nyckelord [en]
Monitoring, Databases, Metadata, Hardware, Throughput, Forensics, System analysis and design
Nationell ämneskategori
Datavetenskap (datalogi)
Forskningsämne
Datavetenskap
Identifikatorer
URN: urn:nbn:se:kau:diva-67375DOI: 10.1109/NTMS.2018.8328746ISI: 000448864200076ISBN: 978-1-5386-3662-6 (digital)ISBN: 978-1-5386-3663-3 (tryckt)OAI: oai:DiVA.org:kau-67375DiVA, id: diva2:1209861
Konferens
2018 9th IFIP International Conference on New Technologies, Mobility & Security, 26-28 February 2018, Paris, France
Tillgänglig från: 2018-05-24 Skapad: 2018-05-24 Senast uppdaterad: 2019-06-17Bibliografiskt granskad

Open Access i DiVA

Fulltext saknas i DiVA

Övriga länkar

Förlagets fulltexthttps://ieeexplore.ieee.org/document/8328746/

Personposter BETA

Garcia, Johan

Sök vidare i DiVA

Av författaren/redaktören
Garcia, Johan
Av organisationen
Institutionen för matematik och datavetenskap (from 2013)
Datavetenskap (datalogi)

Sök vidare utanför DiVA

GoogleGoogle Scholar

doi
isbn
urn-nbn

Altmetricpoäng

doi
isbn
urn-nbn
Totalt: 3904 träffar
RefereraExporteraLänk till posten
Permanent länk

Direktlänk
Referera
Referensformat
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Annat format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annat språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf