Toward efficient DDoS detection with eBPF
Giuseppe Ognibene
Supervisor: Fulvio Giovanni Ottavio Risso. Politecnico di Torino, Master's degree programme in Computer Engineering (Ingegneria Informatica), 2021
License: Creative Commons Attribution Non-commercial No Derivatives.
Abstract
In today’s Internet, IT security is a key component that faces new challenges every day in securing services. Network monitoring is central to detecting cyber attacks, and in today’s network infrastructure it is increasingly implemented with NFV (Network Function Virtualization) technology, where network services are implemented purely in software. This brings several advantages, such as flexibility and cost reduction, since these functions can run on general-purpose hardware. In this context, eBPF (Extended Berkeley Packet Filter) is an excellent technology, well suited to building network functions for fast packet processing in the Linux kernel.
This thesis sets out to analyze the advantages, disadvantages and limitations of network monitoring with eBPF when it is used to provide the necessary information to a DDoS attack detection algorithm called Lucid.
