The development of trusted NetFlow packet capturing system / Ahmad Fuad Mat Som
Today, with the growing of new applications and software, network managers are keen to know what kind of traffic that flows in their network infrastructure everyday. Many protocols are available such as Simple Network Management Protocol (SNMP), packet sniffing and flow-based technology (NetFlow, JF...
Saved in:
| Main Author: | |
|---|---|
| Format: | Thesis |
| Language: | English |
| Published: |
2009
|
| Subjects: | |
| Online Access: | https://ir.uitm.edu.my/id/eprint/64644/1/64644.pdf https://ir.uitm.edu.my/id/eprint/64644/ |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| id |
my.uitm.ir.64644 |
|---|---|
| record_format |
eprints |
| spelling |
my.uitm.ir.646442023-04-19T01:45:07Z https://ir.uitm.edu.my/id/eprint/64644/ The development of trusted NetFlow packet capturing system / Ahmad Fuad Mat Som Mat Som, Ahmad Fuad Computer networks. General works. Traffic monitoring Computer network protocols Intrusion detection systems (Computer security). Computer network security. Hackers Today, with the growing of new applications and software, network managers are keen to know what kind of traffic that flows in their network infrastructure everyday. Many protocols are available such as Simple Network Management Protocol (SNMP), packet sniffing and flow-based technology (NetFlow, JFlow and SFlow) can be used to obtain information about IP traffic. Security measure must be taken into consideration when deploying these protocols especially the traffic comes from remote sites through public or unsecured channel. The challenge now is how secure this data can be sent to the monitoring server. In this dissertation we propose IPsec transport mode to be used to protect NetFlow packet sent from a Flow Probe to a Flow Collector. Flow Probe will be tested to run on single machine. Analysis wilL be carried out to investigate the effect and performance. Test bed lab has been set-up to experiment the proposed method. The test bed consist of a Flow Probe, a Flow Collector, a Linux router, three network switches and two units of PC acting as sender and receiver which installed each with traffic generator. To ensure that the proposed architecture will work and achieve the highest security computing, some tests are conducted. The traffic will be sniffed to show that the content of the packet is encrypted securely between Flow Probe and Flow Collector. 2009 Thesis NonPeerReviewed text en https://ir.uitm.edu.my/id/eprint/64644/1/64644.pdf The development of trusted NetFlow packet capturing system / Ahmad Fuad Mat Som. (2009) Masters thesis, thesis, Universiti Teknologi MARA (UiTM). |
| institution |
Universiti Teknologi Mara |
| building |
Tun Abdul Razak Library |
| collection |
Institutional Repository |
| continent |
Asia |
| country |
Malaysia |
| content_provider |
Universiti Teknologi Mara |
| content_source |
UiTM Institutional Repository |
| url_provider |
http://ir.uitm.edu.my/ |
| language |
English |
| topic |
Computer networks. General works. Traffic monitoring Computer network protocols Intrusion detection systems (Computer security). Computer network security. Hackers |
| spellingShingle |
Computer networks. General works. Traffic monitoring Computer network protocols Intrusion detection systems (Computer security). Computer network security. Hackers Mat Som, Ahmad Fuad The development of trusted NetFlow packet capturing system / Ahmad Fuad Mat Som |
| description |
Today, with the growing of new applications and software, network managers are keen to know what kind of traffic that flows in their network infrastructure everyday. Many protocols are available such as Simple Network Management Protocol (SNMP), packet sniffing and flow-based technology (NetFlow, JFlow and SFlow) can be used to obtain information about IP traffic. Security measure must be taken into consideration when deploying these protocols especially the traffic comes from remote sites through public or unsecured channel. The challenge now is how secure this data can be sent to the monitoring server. In this dissertation we propose IPsec transport mode to be used to protect NetFlow packet sent from a Flow Probe to a Flow Collector. Flow Probe will be tested to run on single machine. Analysis wilL be carried out to investigate the effect and performance. Test bed lab has been set-up to experiment the proposed method. The test bed consist of a Flow Probe, a Flow Collector, a Linux router, three network switches and two units of PC acting as sender and receiver which installed each with traffic generator. To ensure that the proposed architecture will work and achieve the highest security computing, some tests are conducted. The traffic will be sniffed to show that the content of the packet is encrypted securely between Flow Probe and Flow Collector. |
| format |
Thesis |
| author |
Mat Som, Ahmad Fuad |
| author_facet |
Mat Som, Ahmad Fuad |
| author_sort |
Mat Som, Ahmad Fuad |
| title |
The development of trusted NetFlow packet capturing system / Ahmad Fuad Mat Som |
| title_short |
The development of trusted NetFlow packet capturing system / Ahmad Fuad Mat Som |
| title_full |
The development of trusted NetFlow packet capturing system / Ahmad Fuad Mat Som |
| title_fullStr |
The development of trusted NetFlow packet capturing system / Ahmad Fuad Mat Som |
| title_full_unstemmed |
The development of trusted NetFlow packet capturing system / Ahmad Fuad Mat Som |
| title_sort |
development of trusted netflow packet capturing system / ahmad fuad mat som |
| publishDate |
2009 |
| url |
https://ir.uitm.edu.my/id/eprint/64644/1/64644.pdf https://ir.uitm.edu.my/id/eprint/64644/ |
| _version_ |
1765300317837066240 |
| score |
13.209306 |