Ändra sökning
RefereraExporteraLänk till posten
Permanent länk

Direktlänk
Referera
Referensformat
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Annat format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annat språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf
IPsec Intrusion Detection Analysis: Using data from an Ericsson Ethernet Interface Board
KTH, Skolan för informations- och kommunikationsteknik (ICT), Kommunikationssystem, CoS. (CCSlab)
KTH, Skolan för informations- och kommunikationsteknik (ICT), Kommunikationssystem, CoS. (CCSlab)
2008 (Engelska)Självständigt arbete på avancerad nivå (masterexamen), 20 poäng / 30 hpStudentuppsats (Examensarbete)
Abstract [en]

IP security (IPsec) is commonly used for protection in Virtual Private Networks (VPN). It is also used for the protection of traffic between nodes in third generation (3G) mobile networks. The main duty of telecommunication operators is to assure the quality of service and availability of the network for their users. Therefore knowledge of threats that could affect these requirements is of relevance. Denial of Service (DoS) and other attacks could constitute serious threats in 3G networks and, if successful, they could lead to financial and reputation damage for the telecommunication operator. One of the goals of each telecommunications vendor is to produce equipment and software in such a way as to reduce the risk of successful attacks upon networks built using their equipment and software. This master’s thesis aims to identify the classes of attacks that could affect the regular operation of an IPsec-protected network. Therefore, the IPsec protocol and its possible weaknesses are explained. As practical demonstration of these ideas, an Intrusion Detection Analyzer prototype for an Ericsson Ethernet Interface board was developed to detect anomalous IPsec-protected traffic.

Abstract [sv]

IP security (IPsec) is commonly used for protection in Virtual Private Networks (VPN). It is also used for the protection of traffic between nodes in third generation (3G) mobile networks. The main duty of telecommunication operators is to assure the quality of service and availability of the network for their users. Therefore knowledge of threats that could affect these requirements is of relevance. Denial of Service (DoS) and other attacks could constitute serious threats in 3G networks and, if successful, they could lead to financial and reputation damage for the telecommunication operator. One of the goals of each telecommunications vendor is to produce equipment and software in such a way as to reduce the risk of successful attacks upon networks built using their equipment and software. This master’s thesis aims to identify the classes of attacks that could affect the regular operation of an IPsec-protected network. Therefore, the IPsec protocol and its possible weaknesses are explained. As practical demonstration of these ideas, an Intrusion Detection Analyzer prototype for an Ericsson Ethernet Interface board was developed to detect anomalous IPsec-protected traffic.

Ort, förlag, år, upplaga, sidor
2008. , 91 s.
Serie
Trita-ICT-COS, ISSN 1653-6347 ; COS/CCS 2008-05
Nyckelord [en]
IPsec, IDS, Intrusion, Attack, Detection, VPN, 3G, ET-MFX, Security
Nationell ämneskategori
Kommunikationssystem
Identifikatorer
URN: urn:nbn:se:kth:diva-91865OAI: oai:DiVA.org:kth-91865DiVA: diva2:511451
Ämne / kurs
Datorkommunikation
Presentation
2008-03-19, Seminar room Grimeton, Isafjordsgatan 22, Kista, 13:00 (Engelska)
Uppsök
teknik
Handledare
Examinatorer
Tillgänglig från: 2012-03-23 Skapad: 2012-03-21 Senast uppdaterad: 2013-09-09Bibliografiskt granskad

Open Access i DiVA

fulltext(4741 kB)1255 nedladdningar
Filinformation
Filnamn FULLTEXT01.pdfFilstorlek 4741 kBChecksumma SHA-512
b8955131011c2380a55ae7dd6ed40f54bebb3b1af7454ccd47eeb0d2bcf991d105fef8a891ddcb8071186844bfaa7feaea908fd23d1cc24f14e95a22ad62ecad
Typ fulltextMimetyp application/pdf

Sök vidare i DiVA

Av författaren/redaktören
Amso, JulianFaienza, Achille
Av organisationen
Kommunikationssystem, CoS
Kommunikationssystem

Sök vidare utanför DiVA

GoogleGoogle Scholar
Antalet nedladdningar är summan av nedladdningar för alla fulltexter. Det kan inkludera t.ex tidigare versioner som nu inte längre är tillgängliga.

urn-nbn

Altmetricpoäng

urn-nbn
RefereraExporteraLänk till posten
Permanent länk

Direktlänk
Referera
Referensformat
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Annat format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annat språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf