Enriching Network Security Analysis with Time Travel Motivation
24.12.2012 Views
Share Embed Flag

Enriching Network Security Analysis with Time Travel Motivation

Enriching Network Security Analysis with Time Travel Motivation

Enriching Network Security Analysis with Time Travel Motivation

SHOW MORE
SHOW LESS
ePAPER READ
DOWNLOAD ePAPER
security.riit.tsinghua.edu.cn

You also want an ePaper? Increase the reach of your titles

YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.

START NOW

<strong>Enriching</strong> <strong>Network</strong> <strong>Security</strong> <strong>Analysis</strong> <strong>with</strong> <strong>Time</strong> <strong>Travel</strong>: Conclusion<br />

Conclusion<br />

<strong>Enriching</strong> <strong>Network</strong> <strong>Security</strong> <strong>Analysis</strong> <strong>with</strong> <strong>Time</strong> <strong>Travel</strong>: Conclusion<br />

Conclusion<br />

SIGCOMM 0819 19<br />

� We build and evaluated efficient <strong>Time</strong> Machine<br />

o Commodity hardware for gigabit environments<br />

o Used operationally<br />

� Cutoff heuristic: keep first x KB of every connection<br />

o Reduce volume typically by more than 90%<br />

o Retain days / weeks of full payload traces on disk<br />

o Retain minutes in memory<br />

� Coupled <strong>Time</strong> Machine <strong>with</strong> NIDS<br />

o Improved forensic support<br />

o Automatic queries for deeper inspection<br />

SIGCOMM 08 20

logo

products

Resources

Company

Terms of service
Privacy policy
Cookie policy
Cookie settings
Imprint
Change language
Made with love in Switzerland
© 2024 Yumpu.com all rights reserved

Hooray! Your file is uploaded and ready to be published.

Saved successfully!

Ooh no, something went wrong!