Dear Kay, When I was reading your e-mail I have some ideas that I wish to share with you...
On Thu, Mar 24, 2011 at 6:45 AM, Luis A. Bastiao Silva <[email protected]> wrote: > Hello Kay, > On Thu, Mar 24, 2011 at 7:08 AM, Kay <[email protected]> wrote: >> >> Hi, all >> I am a master student of computer science in University of Science and >> Technology of China and want to participate in GSoC 2011. The focus of my >> lab program lies in building parallel NIDS on multi-core platforms, and >> based on the lab experimens I built a high-performance parallel HTTP parser >> which can achieve at least 5Gbps line rate in a harsh environment. > > Thanks for introduce yourself. It should be a cool research area, for sure! It sounds someone is able to write a possible new Umit application... What you guys think about a personal NIDS (using UMPA)? >> The HTTP parser I built is aimed at measuring network latencies(match the >> request and response to get the time difference). I am experienced with C >> and specialized in network domain knowledge. Frankly speaking, I know Python >> a little and only wrote a few small programs with it. But I think I can >> learn it quickly and use it in the development. It seems you are friend of statistical analysis. So, let me point out one idea: - It is possible to that my machine is being attacked by a port-scan? - Even if the only information I have is the port's time access? > Indeed. If you already know C, enhance Python will not be an issue. > >> >> So I want to do some work in the network domain and found the "5. Packet >> Tracker Platform" suitable for me. The "Jitter based" and >> "Dipacket Inspection: inspect packet contents (e.g. HTTP contents)" is >> related to my previous project. > > Sure. This idea is over network-domain, mainly focuses into > packet analyses. > >> >> However, I found this idea is not that specific. Maybe because my lack of >> domain knowledge or poor in English, I don't quite understand the "Detect >> packets with debit (e.g. more/less than 100Kb/s)" >> >> Can someone give me detailed information about this idea and where I >> should begin with to learn something or make some contributions now? > > Yes, of course. > > Read http://trac.umitproject.org/wiki/PacketManipulator > Checkout source of PacketManipulator > > svn co http://svn.umitproject.org/svnroot/umit/packet-manipulator/trunk > PacketManipulator > > Read http://trac.umitproject.org/wiki/AuditFramework and related links > > In this idea, it expected to has a real-time statistic depend on the amount > of sniffed packets. > > Packets > Multicast/Broadcast packets > IPv4/IPv6 > Bytes > Fragments > Detect retransmissions/error packets > Count of packets by protocol > etc. > > Such information should presented in the GUI of PacketManipulator (for > instance, expand Host Table into Packet Manipulator GUI). > Also, the end-user should be able to configure an alarm/event, e.g. when > detect a specific packet from/to a destination. Such details, should be > exploit into the proposal. More tips: > > Define a threshold of utilization > Define latency threshold > > Finally, to present a GSoC proposal take a look: > > http://www.umitproject.org/?active=gsoc&mode=ideas&lang=en > http://www.umitproject.org/?active=gsoc&mode=tips&lang=en > http://www.google-melange.com/gsoc/org/show/google/gsoc2011/umit > > I'm look forward to discussing more details about this proposal. If you have > any doubts, do not hesitate to contact us for further details. > > >> Thanks a lot! >> --Kay >> >> >> ------------------------------------------------------------------------------ >> Enable your software for Intel(R) Active Management Technology to meet the >> growing manageability and security demands of your customers. Businesses >> are taking advantage of Intel(R) vPro (TM) technology - will your software >> be a part of the solution? Download the Intel(R) Manageability Checker >> today! http://p.sf.net/sfu/intel-dev2devmar >> _______________________________________________ >> Umit-devel mailing list >> [email protected] >> https://lists.sourceforge.net/lists/listinfo/umit-devel >> > > > Best Regards, > -- > Luís A. Bastião Silva > Skype: koplabs > http://www.bastiao.org > > ------------------------------------------------------------------------------ > Enable your software for Intel(R) Active Management Technology to meet the > growing manageability and security demands of your customers. Businesses > are taking advantage of Intel(R) vPro (TM) technology - will your software > be a part of the solution? Download the Intel(R) Manageability Checker > today! http://p.sf.net/sfu/intel-dev2devmar > _______________________________________________ > Umit-devel mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/umit-devel -- Att, João Medeiros ------------------------------------------------------------------------------ Enable your software for Intel(R) Active Management Technology to meet the growing manageability and security demands of your customers. Businesses are taking advantage of Intel(R) vPro (TM) technology - will your software be a part of the solution? Download the Intel(R) Manageability Checker today! http://p.sf.net/sfu/intel-dev2devmar _______________________________________________ Umit-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/umit-devel
