Thesis Details
Acceleration of Security Threat Detection in the Network (Akcelerace detekce bezpečnostních hrozeb v síti)
This bachelor's thesis deals with accelerating an IDS (Intrusion Detection System) used to detect security threats in networks. Its main goal is a proposal to use the Software Defined Monitoring (SDM) concept to accelerate IDS applications with regard to their subsequent deployment for high-speed network analysis. The proposed system is implemented and then evaluated for two selected open-source applications, Snort and Suricata. Beyond the scope of the assignment, native support for the SZE2 packet acquisition interface is also implemented for Suricata in order to achieve even greater acceleration using an accelerated network interface card. Two alternatives of the concept are analysed and compared in the thesis. The first uses the hardware-accelerated version of SDM, while the second is based on a full software implementation of the SDM principle. Both alternatives are then evaluated in terms of the results achieved and the performance parameters of the entire system before and after acceleration.
Intrusion Detection System, IDS, Software Defined Monitoring, SDM, Security, Monitoring, High-speed Networks, Hardware Acceleration.
Dytrych Jaroslav, Ing., Ph.D. (DCGM FIT BUT), member
Hrubý Martin, Ing., Ph.D. (DITS FIT BUT), member
Kořenek Jan, doc. Ing., Ph.D. (DCSY FIT BUT), member
Švéda Miroslav, prof. Ing., CSc. (DIFS FIT BUT), member
@bachelorsthesis{FITBT19926,
  author = "Adam Piecek",
  type = "Bachelor's thesis",
  title = "Akcelerace detekce bezpe\v{c}nostn\'{i}ch hrozeb v s\'{i}ti",
  school = "Brno University of Technology, Faculty of Information Technology",
  year = 2017,
  location = "Brno, CZ",
  language = "czech",
  url = "https://www.fit.vut.cz/study/thesis/19926/"
}