Towards improved functionality and performance of intrusion detection systems
Based on analysis from collected network traces, a decade of literature in the field of intrusion detection, experiences shared by people in the network security domain, and some new heuristics, this thesis explores several directions in which to extend the functionality and performance of existing...
Main Author: | Singh, Sunjeet |
---|---|
Language: | English |
Published: | University of British Columbia, 2011 |
Online Access: | http://hdl.handle.net/2429/30978 |
id |
ndltd-LACETR-oai-collectionscanada.gc.ca-BVAU.2429-30978 |
---|---|
record_format |
oai_dc |
spelling |
ndltd-LACETR-oai-collectionscanada.gc.ca-BVAU.2429-30978 2014-03-26T03:37:48Z Towards improved functionality and performance of intrusion detection systems Singh, Sunjeet Based on analysis from collected network traces, a decade of literature in the field of intrusion detection, experiences shared by people in the network security domain, and some new heuristics, this thesis explores several directions in which to extend the functionality and performance of existing Intrusion Detection Systems (IDS). We first present a new method for detecting a whole range of TCP attacks, and an extension of that method for detecting Distributed Denial of Service attacks. We then analyze two directions for enhancing performance: using cloud services to flexibly scale to higher IDS throughput; and leveraging hardware functionality in modern network cards for efficient multi-core processing. 2011-01-31T16:37:40Z 2011-01-31T16:37:40Z 2011 2011-01-31T16:37:40Z 2011-05 Electronic Thesis or Dissertation http://hdl.handle.net/2429/30978 eng University of British Columbia |
collection |
NDLTD |
language |
English |
sources |
NDLTD |
description |
Based on analysis from collected network traces, a decade of literature in the field of intrusion detection, experiences shared by people in the network security domain, and some new heuristics, this thesis explores several directions in which to extend the functionality and performance of existing Intrusion Detection Systems (IDS). We first present a new method for detecting a whole range of TCP attacks, and an extension of that method for detecting Distributed Denial of Service attacks. We then analyze two directions for enhancing performance: using cloud services to flexibly scale to higher IDS throughput; and leveraging hardware functionality in modern network cards for efficient multi-core processing. |
author |
Singh, Sunjeet |
title |
Towards improved functionality and performance of intrusion detection systems |
publisher |
University of British Columbia |
publishDate |
2011 |
url |
http://hdl.handle.net/2429/30978 |