Faculty Advisor

Shue, Craig A.

Abstract

WinSight is a distributed firewall and network monitoring system capable of considering packets' host context when making flow decisions and is developed for Windows 7. To increase defense against internal network threats, such as worms and compromised machines, we developed both an agent and a controller which follows a popular standard called OpenFlow. Our testing showed WinSight is able to successfully block traffic based on context data and deep packet inspection with a moderate performance impact, with the first packet of each flow most affected. There were also rare, yet significant delays when reinjecting packets into the host's network stack.

Publisher

Worcester Polytechnic Institute

Date Accepted

April 2016

Major

Computer Science

Major

Interactive Media and Game Development

Project Type

Major Qualifying Project

Accessibility

Unrestricted

Advisor Department

Computer Science

Your accessibility may vary due to other restrictions.

Share

COinS