Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
IPsec Intrusion Detection Analysis: Using data from an Ericsson Ethernet Interface Board
KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS. (CCSlab)
KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS. (CCSlab)
2008 (English)Independent thesis Advanced level (degree of Master (Two Years)), 20 credits / 30 HE creditsStudent thesis
Abstract [en]

IP security (IPsec) is commonly used for protection in Virtual Private Networks (VPN). It is also used for the protection of traffic between nodes in third generation (3G) mobile networks. The main duty of telecommunication operators is to assure the quality of service and availability of the network for their users. Therefore knowledge of threats that could affect these requirements is of relevance. Denial of Service (DoS) and other attacks could constitute serious threats in 3G networks and, if successful, they could lead to financial and reputation damage for the telecommunication operator. One of the goals of each telecommunications vendor is to produce equipment and software in such a way as to reduce the risk of successful attacks upon networks built using their equipment and software. This master’s thesis aims to identify the classes of attacks that could affect the regular operation of an IPsec-protected network. Therefore, the IPsec protocol and its possible weaknesses are explained. As practical demonstration of these ideas, an Intrusion Detection Analyzer prototype for an Ericsson Ethernet Interface board was developed to detect anomalous IPsec-protected traffic.

Abstract [sv]

IP security (IPsec) is commonly used for protection in Virtual Private Networks (VPN). It is also used for the protection of traffic between nodes in third generation (3G) mobile networks. The main duty of telecommunication operators is to assure the quality of service and availability of the network for their users. Therefore knowledge of threats that could affect these requirements is of relevance. Denial of Service (DoS) and other attacks could constitute serious threats in 3G networks and, if successful, they could lead to financial and reputation damage for the telecommunication operator. One of the goals of each telecommunications vendor is to produce equipment and software in such a way as to reduce the risk of successful attacks upon networks built using their equipment and software. This master’s thesis aims to identify the classes of attacks that could affect the regular operation of an IPsec-protected network. Therefore, the IPsec protocol and its possible weaknesses are explained. As practical demonstration of these ideas, an Intrusion Detection Analyzer prototype for an Ericsson Ethernet Interface board was developed to detect anomalous IPsec-protected traffic.

Place, publisher, year, edition, pages
2008. , 91 p.
Series
Trita-ICT-COS, ISSN 1653-6347 ; COS/CCS 2008-05
Keyword [en]
IPsec, IDS, Intrusion, Attack, Detection, VPN, 3G, ET-MFX, Security
National Category
Communication Systems
Identifiers
URN: urn:nbn:se:kth:diva-91865OAI: oai:DiVA.org:kth-91865DiVA: diva2:511451
Subject / course
Computer Communication
Presentation
2008-03-19, Seminar room Grimeton, Isafjordsgatan 22, Kista, 13:00 (English)
Uppsok
Technology
Supervisors
Examiners
Available from: 2012-03-23 Created: 2012-03-21 Last updated: 2013-09-09Bibliographically approved

Open Access in DiVA

fulltext(4741 kB)1255 downloads
File information
File name FULLTEXT01.pdfFile size 4741 kBChecksum SHA-512
b8955131011c2380a55ae7dd6ed40f54bebb3b1af7454ccd47eeb0d2bcf991d105fef8a891ddcb8071186844bfaa7feaea908fd23d1cc24f14e95a22ad62ecad
Type fulltextMimetype application/pdf

Search in DiVA

By author/editor
Amso, JulianFaienza, Achille
By organisation
Communication Systems, CoS
Communication Systems

Search outside of DiVA

GoogleGoogle Scholar
Total: 1255 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

Total: 555 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf