| Issue |
ITM Web Conf.
Volume 21, 2018
Computing in Science and Technology (CST 2018)
|
|
|---|---|---|
| Article Number | 00014 | |
| Number of page(s) | 8 | |
| DOI | https://doi.org/10.1051/itmconf/20182100014 | |
| Published online | 12 October 2018 | |
The possibility of using LACP protocol in anomaly detection systems
1
Deptartament of Complex Systems, Faculty of Electrical and Computer Engineering, Rzeszow University of Technology, al. Powstańców Warszawy 12, 35-959 Rzeszów, Poland
2
Poland piotrekcislo@gmail.com
* Corresponding author: marekb@prz.edu.pl
This article presents the use of the Link Aggregation Control Protocol (LACP) for detection of anomalies in network traffic. The idea itself is based on checking the representativeness of a single LACP link for the whole traffic transmitted by the aggregation. This approach allows to reduce the requirements for the performance of threat detection systems, and thus reduce their implementation costs and the gives a possibility of using probes (IDS or IPS) directly in the core of the network. The authors also examine the influence of hashing algorithms used for the particular LACP link on the possibility of using of developed method and on the level of intrusion detection.
© The Authors, published by EDP Sciences, 2018
This is an open access article distributed under the terms of the Creative Commons Attribution License 4.0 (http://creativecommons.org/licenses/by/4.0), which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
Current usage metrics show cumulative count of Article Views (full-text article views including HTML views, PDF and ePub downloads, according to the available data) and Abstracts Views on Vision4Press platform.
Data correspond to usage on the plateform after 2015. The current usage metrics is available 48-96 hours after online publication and is updated daily on week days.
Initial download of the metrics may take a while.