Sciweavers

RAID
2007
Springer

Vortex: Enabling Cooperative Selective Wormholing for Network Security Systems

14 years 6 months ago
Vortex: Enabling Cooperative Selective Wormholing for Network Security Systems
We present a novel approach to remote traffic aggregation for Network Intrusion Detection Systems (NIDS) called Cooperative Selective Wormholing (CSW). Our approach works by selectively aggregating traffic bound for unused network ports on a volunteer’s commodity PC. CSW could enable NIDS operators to cheaply and efficiently monitor large distributed portions of the Internet, something they are currently incapable of. Based on a study of several hundred hosts in a university network, we posit that there is sufficient heterogeneity in hosts’ network service configurations to achieve a high degree of network coverage by re-using unused port space on client machines. We demonstrate Vortex, a proof-of-concept CSW implementation that runs on a wide range of commodity PCs (Unix and Windows). Our experiments show that Vortex can selectively aggregate traffic to a virtual machine backend, effectively allowing two machines to share the same IP address transparently. We close with a discus...
John R. Lange, Peter A. Dinda, Fabián E. Bu
Added 09 Jun 2010
Updated 09 Jun 2010
Type Conference
Year 2007
Where RAID
Authors John R. Lange, Peter A. Dinda, Fabián E. Bustamante
Comments (0)