I-BiDaaS at the IEEE International Workshop on Computer Aided Modeling and Design of Communication Links and Networks (IEEE CAMAD 2020)
Date: 14 - 16 September 2020
Venue: Virtual Conference
Eva Papadogiannaki from Foundation for Research and Technology (FORTH-ICS) participated to the IEEE International Workshop on Computer Aided Modeling and Design of Communication Links and Networks (CAMAD 2020) which was held as a virtual conference, on September 14 – 16, 2020.
The International Workshop on Computer-Aided Modeling Analysis and Design of Communication Links and Networks (CAMAD) provides a forum for discussion of recent developments on analytical and simulation tools and techniques for the performance evaluation of communications systems. This year IEEE CAMAD was focused on Communication and Experimentation aspects of 5G, Industrial IoT for Industry 4.0, and beyond. IEEE CAMAD hosted a rich program with various Special Sessions, bringing together a diverse group of scientists, engineers, manufacturers and providers to exchange and share their experiences and new ideas focusing on research and innovation results in the 5G and Industry 4.0 domains.
On Wednesday, September 16, Ms. Papadogiannaki presented to the relevant audience the work carried out in the context of I-BiDaaS “Head(er)Hunter: Fast Intrusion Detection using Packet Metadata Signatures”.
More than 75% of the Internet traffic is now encrypted, while this percentage is constantly increasing. The majority of communications are secured using common encryption protocols such as SSL/TLS and IPsec to ensure security and protect the privacy of Internet users. Yet, encryption can be exploited to hide malicious activities. Traditionally, network traffic inspection is based on techniques like deep packet inspection (DPI). Common applications for DPI include but are not limited to firewalls, intrusion detection and prevention systems, L7 filtering and packet forwarding. The core functionality of such DPI implementations is based on pattern matching that enables searching for specific strings or regular expressions inside the packet contents. With the widespread adoption of network encryption though, DPI tools that rely on packet payload content are becoming less effective, demanding the development of more sophisticated techniques in order to adapt to current network encryption trends. In this work, we present HeaderHunter, an fast signature-based intrusion detection system even in encrypted network traffic. We generate signatures using only network packet metadata extracted from packet headers. Also, to cope with the ever increasing network speeds, we accelerate the inner computations of our proposed system using off-the-shelf GPUs.
Papadogiannaki Eva, Deyannis Dimitris, and Ioannidis Sotiris. “Head(er)Hunter: Fast Intrusion Detection using Packet Metadata Signatures.” In Proceedings of the IEEE International Workshop on Computer Aided Modeling and Design of Communication, 2020, to appear.