Abstract
As network data rates continue to increase, implementing real-time network security applications requires a scalable computing platform. Multicore and manycore parallel processing systems provide a way to scale network security applications. The focus of this study are network covert timing channels (CTCs) that provide secret communication between hosts by modulating the inter-packet delays of an overt application. In this paper, we present an implementation of a parallel CTC detection tool in a Massively Parallel Processing Array (MPPA) architecture. We examine the effectiveness of our tool for detecting model-based CTCs using parallel implementation of four common detection techniques, namely, the Kullback-Liebler Divergence (KLD), Kolmogorov-Smirnov (K-S), regularity and first order entropy tests. We evaluate the performance of the algorithms using classification rates and study the scalability by varying the number of cores. Results show that while parallelization provides benefit, the scalability is limited by the memory available in each core and the ability to stream in large number of flows to different cores.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
