基于IPSec的NetFlow抓包系统加密仿真

2012 5th International Conference on Computers and Devices for Communication (CODEC) Pub Date : 2012-12-01 DOI:10.1109/CODEC.2012.6509361

A. J. Ghazali, W. Al-Nuaimy, A. Nandi

{"title":"基于IPSec的NetFlow抓包系统加密仿真","authors":"A. J. Ghazali, W. Al-Nuaimy, A. Nandi","doi":"10.1109/CODEC.2012.6509361","DOIUrl":null,"url":null,"abstract":"This paper investigates the effectiveness of IPSec as encryption tools in securing NetFlow packets through an encapsulated channel in a simulated network traffic model. NetFlow's flow recording is one of the most serious threats that has broad significance in NetFlow's flow recording technology. By securing the NetFlow, the administrator could enforce a privacy policy on the data that is recorded. We employ IPSec as encryption tool that encapsulates the flow and turns it into a secured channel. Furthermore, we demonstrate that the CPU and memory utilization during the process will not have a big impact on machine's performance. Simulation results show that NetFlow's flow data are successfully recorded and encrypted by IPSec. It is found that this process has not consumed more memory which only differs by 0.2% from normal operation and that the CPU performance is only increased by 6.5%.","PeriodicalId":399616,"journal":{"name":"2012 5th International Conference on Computers and Devices for Communication (CODEC)","volume":"22 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2012-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":"{\"title\":\"Simulation of the encryption of NetFlow packet capturing system using IPSec\",\"authors\":\"A. J. Ghazali, W. Al-Nuaimy, A. Nandi\",\"doi\":\"10.1109/CODEC.2012.6509361\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"This paper investigates the effectiveness of IPSec as encryption tools in securing NetFlow packets through an encapsulated channel in a simulated network traffic model. NetFlow's flow recording is one of the most serious threats that has broad significance in NetFlow's flow recording technology. By securing the NetFlow, the administrator could enforce a privacy policy on the data that is recorded. We employ IPSec as encryption tool that encapsulates the flow and turns it into a secured channel. Furthermore, we demonstrate that the CPU and memory utilization during the process will not have a big impact on machine's performance. Simulation results show that NetFlow's flow data are successfully recorded and encrypted by IPSec. It is found that this process has not consumed more memory which only differs by 0.2% from normal operation and that the CPU performance is only increased by 6.5%.\",\"PeriodicalId\":399616,\"journal\":{\"name\":\"2012 5th International Conference on Computers and Devices for Communication (CODEC)\",\"volume\":\"22 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2012-12-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"1\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2012 5th International Conference on Computers and Devices for Communication (CODEC)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/CODEC.2012.6509361\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2012 5th International Conference on Computers and Devices for Communication (CODEC)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CODEC.2012.6509361","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 1

摘要

本文研究了IPSec作为加密工具在模拟网络流量模型中通过封装通道保护NetFlow数据包的有效性。NetFlow的流量记录是NetFlow流量记录技术中最严重的威胁之一，具有广泛的意义。通过保护NetFlow，管理员可以对记录的数据实施隐私策略。我们采用IPSec作为加密工具，封装流并将其转换为安全通道。此外，我们证明了进程中的CPU和内存利用率不会对机器的性能产生很大的影响。仿真结果表明，NetFlow的流量数据被IPSec成功记录并加密。结果发现，该进程并没有消耗更多的内存，仅与正常操作相差0.2%，CPU性能仅提高6.5%。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Simulation of the encryption of NetFlow packet capturing system using IPSec

This paper investigates the effectiveness of IPSec as encryption tools in securing NetFlow packets through an encapsulated channel in a simulated network traffic model. NetFlow's flow recording is one of the most serious threats that has broad significance in NetFlow's flow recording technology. By securing the NetFlow, the administrator could enforce a privacy policy on the data that is recorded. We employ IPSec as encryption tool that encapsulates the flow and turns it into a secured channel. Furthermore, we demonstrate that the CPU and memory utilization during the process will not have a big impact on machine's performance. Simulation results show that NetFlow's flow data are successfully recorded and encrypted by IPSec. It is found that this process has not consumed more memory which only differs by 0.2% from normal operation and that the CPU performance is only increased by 6.5%.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2012 5th International Conference on Computers and Devices for Communication (CODEC)

自引率

0.00%

发文量