|Title:||Distributed Architecture for Real-Time Traffic Analysis|
|Supervisor:||Prof. Dr. Burkhard Stiller|
|Committee:||Prof. Dr. Burkharad Stiller, NN|
|Funding:||University of Zurich|
Cristian Morariu received his Masters Degree from Technical University of Cluj-Napoca, Romania in June 2004 after 4.5 years of studies. His major at the Faculty of Automation and Computer Science, was performed in Computer Science. While holding an ERASMUS scholarship he developed his Master Thesis at the Swiss Federal Institute of Technology (ETHZ), Laboratory of Software Technology. Since September 2004 he is a doctoral student at the University of Zurich, Department of Informatics, Communication Systems Group. His main interests are in the area of IP accounting and distributed architectures for traffic analysis.
PhD project description
The goal of this doctoral thesis is the design and prototypical implementation of an architecture for distributed analysis of IP traffic. As network link speeds increase year-by-year having stand-alone devices that perform traffic analysis becomes unfeasible. A distributed platform for traffic analysis would leverage the processing requirements of such a task by combining resources of multiple devices performing traffic analysis. The thesis shall investigate three different areas of traffic analysis: capturing data on high-speed links, analysis of captured data, and storage of analysis results for further processing by third-party applications.
Brief description of the scope and objectives of the PhD thesis:
- Evaluation of existing traffic monitoring tools and approaches
- Analysis of requirements for a generic traffic analysis platform using at least two different scenarios
- Design of the architecture
- Prototypical implementation of the distributed platform for traffic analysis
- Evaluation of the approach based on the prototypical implementation
- A. Sperotto, G. Schaffrath, R. Sadre, C. Morariu, A. Pras, B. Stiller: An Overview of IP Flow-based Intrusion Detection. IEEE Communications Surverys & Tutorials, IEEE, Vol. (to appear), June 2010.
- C. Morariu, P. Racz, B. Stiller: SCRIPT: A Framework for Scalable Real-time IP Flow Record Analysis. 12th IEEE/IFIP Network Operations and Management Symposium (NOMS 2010), IEEE, Osaka, Japan, April 2010.
- C. Morariu, P. Racz, B. Stiller: Design and Implementation of a Distributed Platform for Sharing IP Flow Records. 20th IFIP/IEEE International Workshop on Distributed Systems: Operations and Management (DSOM 2009), IEEE, Venice, Italy, October 2009.
- C. Morariu, B. Stiller: DiCAP: Distributed Packet Capturing Architecture for High-Speed Network Links. Vol. 33rd Annual IEEE Conference on Local Computer Networks (LCN), October 2008.
- F. V. Hecht, T. Bocek, C. Morariu, D. Hausheer, B. Stiller: LiveShift: Peer-to-peer Live Streaming with Distributed Time-Shifting. Eighth International Conference on Peer-to-Peer Computing (P2P08), Aachen, Germany, September 2008.
- C. Morariu, T. Kramis, B. Stiller: DIPStorage: Distributed Architecture for Storage of IP Flow Records. Cluj-Napoca, Romania, Vol. 16th Workshop on Local and Metropolitan Area Networks, September 2008.
- C. Morariu, M. Feier, B. Stiller: LINUBIA: A Linux-supported User-Based IP Accounting. 18th IFIP/IEEE International Workshop on Distributed Systems: Operations and Management (DSOM 2007), San Jose, USA, October 2007.
- C. Morariu, B. Stiller: A Distributed Architecture for IP Traffic Analysis. Autonomous Infrastructure, Management and Security (AIMS 2007), Oslo, Norway, June 2007.