ITACA: Flexible, Scalable Network Analysis
Real-time analysis is vital to network security and management. Solutions are required that are scalable to modern network speeds while remaining flexible to ensure the latest analysis techniques can be implemented. This paper presents the Internet Traffic And Content Analyzer (ITACA), an extendable general analysis tool that enables the implementation of plugins to perform specific tasks. Designed with a modular architecture akin to hardware, it is shown, with experiments on real network traffic, to outperform Bro and Snort IDSs in terms of throughput and scalability while offering increased flexibility for real-time analysis.