A low-cost, connection aware, load-balancing solution for distributing Gigabit Ethernet traffic between two intrusion detection systems
Date
Authors
Major Professor
Advisor
Committee Member
Journal Title
Journal ISSN
Volume Title
Publisher
Altmetrics
Authors
Research Projects
Organizational Units
The Department of Electrical and Computer Engineering (ECpE) contains two focuses. The focus on Electrical Engineering teaches students in the fields of control systems, electromagnetics and non-destructive evaluation, microelectronics, electric power & energy systems, and the like. The Computer Engineering focus teaches in the fields of software systems, embedded systems, networking, information security, computer architecture, etc.
History
The Department of Electrical Engineering was formed in 1909 from the division of the Department of Physics and Electrical Engineering. In 1985 its name changed to Department of Electrical Engineering and Computer Engineering. In 1995 it became the Department of Electrical and Computer Engineering.
Dates of Existence
1909-present
Historical Names
- Department of Electrical Engineering (1909-1985)
- Department of Electrical Engineering and Computer Engineering (1985-1995)
Related Units
- College of Engineering (parent college)
- Department of Physics and Electrical Engineering (predecessor)
Journal Issue
Is Version Of
Versions
Series
Department
Abstract
In today's world of computer networking, Gigabit Ethernet is quickly becoming the norm for connectivity in computer networks. The ease of access to information on these networks leads to new information being made available daily. Rises in both malicious users and malicious network traffic increase the need for intrusion detection systems to monitor network traffic. However, intrusion detection systems capable of processing network traffic at the rate necessary for Gigabit Ethernet are typically expensive. An alternative to purchasing one of these systems is to use multiple, cheaper intrusion detection systems and run them in parallel. This requires that traffic be distributed to these intrusion detection systems such that their traffic monitoring activity is unaffected. For typical intrusion detection systems this means that all traffic belonging to a single connection cannot be separated. This thesis presents the design and implementation of a low-cost, connection aware, load balancing solution capable of distributing traffic to two intrusion detection systems while ensuring that all traffic for a given connection is not separated.