Simulation of the encryption of NetFlow packet capturing system using IPSec

A. J. Ghazali, W. Al-Nuaimy, A. Nandi
{"title":"Simulation of the encryption of NetFlow packet capturing system using IPSec","authors":"A. J. Ghazali, W. Al-Nuaimy, A. Nandi","doi":"10.1109/CODEC.2012.6509361","DOIUrl":null,"url":null,"abstract":"This paper investigates the effectiveness of IPSec as encryption tools in securing NetFlow packets through an encapsulated channel in a simulated network traffic model. NetFlow's flow recording is one of the most serious threats that has broad significance in NetFlow's flow recording technology. By securing the NetFlow, the administrator could enforce a privacy policy on the data that is recorded. We employ IPSec as encryption tool that encapsulates the flow and turns it into a secured channel. Furthermore, we demonstrate that the CPU and memory utilization during the process will not have a big impact on machine's performance. Simulation results show that NetFlow's flow data are successfully recorded and encrypted by IPSec. It is found that this process has not consumed more memory which only differs by 0.2% from normal operation and that the CPU performance is only increased by 6.5%.","PeriodicalId":399616,"journal":{"name":"2012 5th International Conference on Computers and Devices for Communication (CODEC)","volume":"22 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2012-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2012 5th International Conference on Computers and Devices for Communication (CODEC)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CODEC.2012.6509361","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 1

Abstract

This paper investigates the effectiveness of IPSec as encryption tools in securing NetFlow packets through an encapsulated channel in a simulated network traffic model. NetFlow's flow recording is one of the most serious threats that has broad significance in NetFlow's flow recording technology. By securing the NetFlow, the administrator could enforce a privacy policy on the data that is recorded. We employ IPSec as encryption tool that encapsulates the flow and turns it into a secured channel. Furthermore, we demonstrate that the CPU and memory utilization during the process will not have a big impact on machine's performance. Simulation results show that NetFlow's flow data are successfully recorded and encrypted by IPSec. It is found that this process has not consumed more memory which only differs by 0.2% from normal operation and that the CPU performance is only increased by 6.5%.
基于IPSec的NetFlow抓包系统加密仿真
本文研究了IPSec作为加密工具在模拟网络流量模型中通过封装通道保护NetFlow数据包的有效性。NetFlow的流量记录是NetFlow流量记录技术中最严重的威胁之一,具有广泛的意义。通过保护NetFlow,管理员可以对记录的数据实施隐私策略。我们采用IPSec作为加密工具,封装流并将其转换为安全通道。此外,我们证明了进程中的CPU和内存利用率不会对机器的性能产生很大的影响。仿真结果表明,NetFlow的流量数据被IPSec成功记录并加密。结果发现,该进程并没有消耗更多的内存,仅与正常操作相差0.2%,CPU性能仅提高6.5%。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 求助全文
来源期刊
自引率
0.00%
发文量
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:604180095
Book学术官方微信