Vortex: Large Scale Distributed Traffic Aggregation for Network Security Systems
Network Security Analysis Systems require access to large amounts of network
traffic in order to provide relevant analysis results. Classical aggregation
techniques are difficult and/or expensive to deploy, and are often
impractical for unaffiliated or underfunded researchers. Vortex is an
implementation of a Cooperative Selective Wormhole that provides large scale
and distributed traffic aggregation at no cost to the Network Security System
Operator. Vortex relies on volunteers to donate bandwidth and unused network
ports to the system, and delivers traffic that would otherwise be dropped
back to a centralized analysis backend.
Vortex: Enabling Cooperative Selective Wormholes, (UC Santa Barbara 2007) (powerpoint)
Papers
J. Lange, P. Dinda, F. Bustamante, Vortex: Enabling Cooperative
Selective Wormholing for Network Security Systems, Proceedings of the
10th International Symposium on Recent Advances in Intrusion Detection (RAID
2007), (PDF)