Details
| DOI: | 10.22667/JOWUA.2021.12.31.089 |
|---|---|
| Publication type: | Article |
| Journal: | JoWUA: Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications |
| Publisher: | Innovative Information Science & Technology Research Group |
| Publication date: | 2021-12-31 |
Abstract
Modern applications and services increasingly leverage network infrastructures, cyber-physical sys- tems and distributed computing paradigms to offer unprecedented pervasive and immersive expe- rience to users. Unfortunately, the massive usage of virtualization models, the mix of public and private infrastructures, and the large adoption of service-oriented architectures make the deployment and operation of traditional cyber-security appliances difficult. Although cyber-security architectures are already migrating towards distributed models and smarter detectors to account for ever-evolving forms of malware and attacks, they still miss effective and efficient mechanisms to programmati- cally inspect these new environments. In this paper, we investigate the use of the extended Berkeley Packet Filter for inspecting network communications. We show how this framework can be employed to selectively gather various information describing a network conversation (e.g., packet headers), in order to spot emerging threats like malicious software taking advantage of hidden communications. Results indicate that our approach can be used to inspect network traffic in a more efficient way com- pared to other traditional mechanisms.
Authors
- Marco Zuppelli
This email address is being protected from spambots. You need JavaScript enabled to view it.
National Research Council of Italy
Genoa, Italy - Matteo Repetto
This email address is being protected from spambots. You need JavaScript enabled to view it.
National Research Council of Italy
Genoa, Italy