Lightweight Middlebox TCP
Gaillard, Romain
Promoteur(s) : Mathy, Laurent
Date de soutenance : 8-sep-2016/9-sep-2016 • URL permanente : http://hdl.handle.net/2268.2/1626
Détails
Titre : | Lightweight Middlebox TCP |
Auteur : | Gaillard, Romain |
Date de soutenance : | 8-sep-2016/9-sep-2016 |
Promoteur(s) : | Mathy, Laurent |
Membre(s) du jury : | Leduc, Guy
Barbette, Tom Boigelot, Bernard |
Langue : | Anglais |
Nombre de pages : | 72 |
Mots-clés : | [en] middlebox [en] tcp [en] network |
Discipline(s) : | Ingénierie, informatique & technologie > Sciences informatiques |
Institution(s) : | Université de Liège, Liège, Belgique |
Diplôme : | Master en sciences informatiques, à finalité approfondie |
Faculté : | Mémoires de la Faculté des Sciences appliquées |
Résumé
[en] Nowadays, middleboxes are important actors of the Internet and they are used in many contexts such as network address translation, firewalls, load balancers, and intrusion detection systems, among others. Consequently, their implementation can have a great impact on the performance of networks and it is thus crucial to ensure that they do not become bottlenecks.
The objective of this work is to develop a lightweight and middlebox-oriented TCP stack that takes into account the specificities of the context in which middleboxes work in order to provide them with the ability to inspect and modify the traffic, as well as inject packets. All of this on the fly. This manuscript first describes the architecture of the developed framework, listing its components and functionalities, and how to use them to create middleboxes.
We then continue by providing information about the development and the design of the framework, describing the underlying data structures. In addition, we detail the algorithms at the heart of the TCP stack as well as the corresponding time complexities and we explain why they are important to achieve our goals.
The results indicate that it is possible to use this framework to implement a middlebox that performs deep packet inspection with a small and constant overhead. On the other hand, when the middlebox starts modifying the flows, the overhead becomes linear regarding the size of the content. We show that the modularity of the framework we developed allows the users to mitigate the induced overhead by selecting only the features they need.
Finally, we list some elements that could not be implemented in this work, proposing some improvements to the present work that could be made in the future in order to extend it.
Fichier(s)
Document(s)
Annexe(s)
Citer ce mémoire
L'Université de Liège ne garantit pas la qualité scientifique de ces travaux d'étudiants ni l'exactitude de l'ensemble des informations qu'ils contiennent.