Herramienta de Captura y Análisis Concurrente de Tráfico en Redes de Alta Velocidad

Igor Delgado, Alfredo Beaumont, Jose Oscar Fajardo
XIX Simposium Nacional URSI. Barcelona, Spain. September, 2004

As networks become faster, traffic analizers and network intrusion detections systems have big problems handling all the traffic of a network. As a result of the investigation on this topic, looking for parallelism in the processing of the captured traffic, this document presents a tool designed for high-speed network traffic analysis. The tool is based on the concurrent analysis of multiple instances, using shared memory as an interface among instances and between modules of the system. The system includes a powerful rule language with adds big flexibility to the system, and so the tool may work in different areas involving traffic analysis, including both for Intrusion Detection System (IDS) and Quality of Service (QoS) analysis.<\/span>