Publication
Parameterization and performance analysis of a scalable, near real-time packet capturing platform
| dc.contributor.author | Oliveira, Rafael Cardoso de | |
| dc.contributor.author | Pedrosa, Tiago | |
| dc.contributor.author | Rufino, José | |
| dc.contributor.author | Lopes, Rui Pedro | |
| dc.date.accessioned | 2024-05-23T08:56:15Z | |
| dc.date.available | 2024-05-23T08:56:15Z | |
| dc.date.issued | 2024 | |
| dc.description.abstract | The rapid evolution of technology has fostered an exponential rise in the number of individuals and devices interconnected via the Internet. This interconnectedness has prompted companies to expand their computing and communication infrastructures significantly to accommodate the escalating demands. However, this proliferation of connectivity has also opened new avenues for cyber threats, emphasizing the critical need for Intrusion Detection Systems (IDSs) to adapt and operate efficiently in this evolving landscape. In response, companies are increasingly seeking IDSs characterized by horizontal, modular, and elastic attributes, capable of dynamically scaling with the fluctuating volume of network data flows deemed essential for effective monitoring and threat detection. Yet, the task extends beyond mere data capture and storage; robust IDSs must integrate sophisticated components for data analysis and anomaly detection, ideally functioning in real-time or near real-time. While Machine Learning (ML) techniques present promising avenues for detecting and mitigating malicious activities, their efficacy hinges on the availability of high-quality training datasets, which in turn poses a significant challenge. This paper proposes a comprehensive solution in the form of an architecture and reference implementation for (near) real-time capture, storage, and analysis of network data within a 1 Gbps network environment. Performance benchmarks provided offer valuable insights for prototype optimization, demonstrating the capability of the proposed IDS architecture to meet objectives even under realistic operational scenarios. | pt_PT |
| dc.description.sponsorship | This work was partially supported by the Norte Portugal Regional Operational Programme (NORTE 2020), under the PORTUGAL 2020 Partnership Agreement, through the European Regional Development Fund (ERDF), within project “CybersSeCIP” (NORTE-01-0145-FEDER- 000044). This work was also supported by national funds through FCT/MCTES (PIDDAC): CeDRI, UIDB/05757/2020 (DOI: 10.54499/UIDB/05757/2020) and UIDP/05757/2020 (DOI: 10.54499/UIDP/ 05757/2020); and SusTEC, LA/P/0007/2020 (DOI: 10.54499/LA/P/0007/2020). | pt_PT |
| dc.description.version | info:eu-repo/semantics/publishedVersion | pt_PT |
| dc.identifier.citation | Oliveira, Rafael Cardoso de; Pedrosa, Tiago; Rufino, José; Lopes, Rui Pedro (2024). Parameterization and performance analysis of a scalable, near real-time packet capturing platform. Systems. ISSN 2079-8954. 12:4, p. 1-22 | pt_PT |
| dc.identifier.doi | 10.3390/systems12040126 | pt_PT |
| dc.identifier.eissn | 2079-8954 | |
| dc.identifier.uri | http://hdl.handle.net/10198/29799 | |
| dc.language.iso | eng | pt_PT |
| dc.peerreviewed | yes | pt_PT |
| dc.publisher | MDPI | pt_PT |
| dc.relation | Research Centre in Digitalization and Intelligent Robotics | |
| dc.relation | Research Centre in Digitalization and Intelligent Robotics | |
| dc.relation | Associate Laboratory for Sustainability and Tecnology in Mountain Regions | |
| dc.rights.uri | http://creativecommons.org/licenses/by/4.0/ | pt_PT |
| dc.subject | Cybersecurity | pt_PT |
| dc.subject | IDS | pt_PT |
| dc.subject | Distributed systems | pt_PT |
| dc.subject | Packet capture | pt_PT |
| dc.title | Parameterization and performance analysis of a scalable, near real-time packet capturing platform | pt_PT |
| dc.type | journal article | |
| dspace.entity.type | Publication | |
| oaire.awardTitle | Research Centre in Digitalization and Intelligent Robotics | |
| oaire.awardTitle | Research Centre in Digitalization and Intelligent Robotics | |
| oaire.awardTitle | Associate Laboratory for Sustainability and Tecnology in Mountain Regions | |
| oaire.awardURI | info:eu-repo/grantAgreement/FCT/6817 - DCRRNI ID/UIDB%2F05757%2F2020/PT | |
| oaire.awardURI | info:eu-repo/grantAgreement/FCT/6817 - DCRRNI ID/UIDP%2F05757%2F2020/PT | |
| oaire.awardURI | info:eu-repo/grantAgreement/FCT/6817 - DCRRNI ID/LA%2FP%2F0007%2F2020/PT | |
| oaire.citation.endPage | 22 | pt_PT |
| oaire.citation.issue | 4 | pt_PT |
| oaire.citation.startPage | 1 | pt_PT |
| oaire.citation.title | Systems | pt_PT |
| oaire.citation.volume | 12 | pt_PT |
| oaire.fundingStream | 6817 - DCRRNI ID | |
| oaire.fundingStream | 6817 - DCRRNI ID | |
| oaire.fundingStream | 6817 - DCRRNI ID | |
| person.familyName | Oliveira | |
| person.familyName | Pedrosa | |
| person.familyName | Rufino | |
| person.familyName | Lopes | |
| person.givenName | Rafael Cardoso de | |
| person.givenName | Tiago | |
| person.givenName | José | |
| person.givenName | Rui Pedro | |
| person.identifier.ciencia-id | F71B-6628-2D66 | |
| person.identifier.ciencia-id | B81E-0583-AEDF | |
| person.identifier.ciencia-id | C414-F47F-6323 | |
| person.identifier.ciencia-id | 8E14-54E4-4DB5 | |
| person.identifier.orcid | 0000-0003-4997-4757 | |
| person.identifier.orcid | 0000-0003-4873-2705 | |
| person.identifier.orcid | 0000-0002-1344-8264 | |
| person.identifier.orcid | 0000-0002-9170-5078 | |
| person.identifier.rid | G-2249-2011 | |
| person.identifier.scopus-author-id | 57387127100 | |
| person.identifier.scopus-author-id | 35318153700 | |
| person.identifier.scopus-author-id | 55947199100 | |
| project.funder.identifier | http://doi.org/10.13039/501100001871 | |
| project.funder.identifier | http://doi.org/10.13039/501100001871 | |
| project.funder.identifier | http://doi.org/10.13039/501100001871 | |
| project.funder.name | Fundação para a Ciência e a Tecnologia | |
| project.funder.name | Fundação para a Ciência e a Tecnologia | |
| project.funder.name | Fundação para a Ciência e a Tecnologia | |
| rcaap.rights | openAccess | pt_PT |
| rcaap.type | article | pt_PT |
| relation.isAuthorOfPublication | 06566b21-6c48-40b6-927f-011af56875a7 | |
| relation.isAuthorOfPublication | fee2835e-2230-4414-a58e-bcba895d1f0b | |
| relation.isAuthorOfPublication | 1e24d2ce-a354-442a-bef8-eebadd94b385 | |
| relation.isAuthorOfPublication | e1e64423-0ec8-46ee-be96-33205c7c98a9 | |
| relation.isAuthorOfPublication.latestForDiscovery | e1e64423-0ec8-46ee-be96-33205c7c98a9 | |
| relation.isProjectOfPublication | 6e01ddc8-6a82-4131-bca6-84789fa234bd | |
| relation.isProjectOfPublication | d0a17270-80a8-4985-9644-a04c2a9f2dff | |
| relation.isProjectOfPublication | 6255046e-bc79-4b82-8884-8b52074b4384 | |
| relation.isProjectOfPublication.latestForDiscovery | 6e01ddc8-6a82-4131-bca6-84789fa234bd |