WinSight is a distributed firewall and network monitoring system capable of considering packets' host context when making flow decisions and is developed for Windows 7. To increase defense against internal network threats, such as worms and compromised machines, we developed both an agent and a controller which follows a popular standard called OpenFlow. Our testing showed WinSight is able to successfully block traffic based on context data and deep packet inspection with a moderate performance impact, with the first packet of each flow most affected. There were also rare, yet significant delays when reinjecting packets into the host's network stack.

• This report represents the work of one or more WPI undergraduate students submitted to the faculty as evidence of completion of a degree requirement. WPI routinely publishes these reports on its website without editorial or peer review.

Creator

• Moore, Julian Reed
• Ammeson, Brett Lowell
• French, Michael Wallace

Publisher

• Worcester Polytechnic Institute

Identifier

• E-project-042716-101359

Advisor

• Shue, Craig A.

Year

• 2016

Date created

• 2016-04-27

Resource type

• Major Qualifying Project

Major

• Computer Science

Rights statement

• In Copyright