Improving Intrusion Detection for IoT Networks - A Snort GPGPU Modification Using OpenCL

Typ
Examensarbete för masterexamen
Master Thesis
Program
Publicerad
2018
Författare
Johansson, Linus
Olsson, Oskar
Modellbyggare
Tidskriftstitel
ISSN
Volymtitel
Utgivare
Sammanfattning
The Internet of Things, or IoT, is continuously growing with more devices being connected every day, adding new features and functionality to our personal and home devices by connecting them to the Internet. However, with the increase of devices and components, new security threats arise in previously offline systems that used to be immune to network attacks. This increase calls for better security options that can ensure protection of the data flowing in IoT networks by detecting and mitigating new threats. To contribute to the mentioned area, the goal of this thesis was to develop and evaluate a modified version of Snort, a widely used intrusion detection system. The idea was to improve the efficiency of computationally expensive pattern matching by extending Snort to use a graphical processing unit for such work. The Snort modification was tested by comparing it to that of an unmodified version of Snort in a closed environment with simulated network traffic. The tests were run on a single-board-computer to simulate the IoT context. The results show that the new functionality yields a speedup of 1.3 when analyzing captured traffic, a throughput increase of a factor of two when inspecting live traffic, and slightly less energy consumption, all when comparing to original Snort. With these results, it seems plausible to use the IoT devices as a means of strengthening their own security and protect them from network attacks.
Beskrivning
Ämne/nyckelord
Data- och informationsvetenskap, Computer and Information Science
Citation
Arkitekt (konstruktör)
Geografisk plats
Byggnad (typ)
Byggår
Modelltyp
Skala
Teknik / material