High-Speed Intrusion Detection System for Network Security

Apple Inc. is a multinational technology company. They design, manufacture, and market a variety of electronic devices, software, and online services. Their product portfolio includes the iPhone, iPad, Mac, Apple Watch, and Apple TV, as well as a suite of professional and consumer software applications.

Customer

Apple Inc.

Location

California, USA

Industry

Software & Hi-Tech

Company’s Request

Apple Inc. needed expertise in developing internal solutions specifically designed to examine vast volumes of network traffic. The primary objective was to detect suspicious activity, improve their cybersecurity procedures, and assess the efficiency of various technologies in attaining these objectives.


Technology Set

Python

C

Go

Rust

AWS

Testimony

Suricata

eBPF

nDPI

Zeek

Our team built a tool for analyzing large volumes of network traffic data. Testing and implementing the solution on dedicated servers ensured effective and consistent performance, making fast big-data analysis possible. The tool operates within kernel space, which optimizes resource usage and allows more efficient packet filtering. It includes an alerting mechanism for spotting harmful network packets, making the infrastructure safer.

Throughout the project, our developers strategically switched between various packet inspection technologies, including Zeek, Suricata, Cosmos, and eBPF parsing, to achieve the most efficient and effective results. 


Combined traffic (80% HTTPS (TLS), 10% HTTP, 3% DNS, 3% SSH, 4% FTP). Result: lower memory usage for nDPI (50 MB), compared with ~250 MB for Zeek.

We added a load balancing feature for Zeek and Suricata, doubling Testimony’s performance rates for quicker, safer packet transfer. The Suricata SSH protocol parser was also improved to spot harmful network traffic. As a result, this all-in-one tool met our client’s needs for fast big-data analysis, network safety, and better system performance.


Testing setup

While the specifics of how our solution is utilized within the client’s infrastructure remain proprietary to Apple Inc., we maintain an ongoing feedback loop with them to make sure our software continues to meet their needs and can be adapted as required. Our team conducts rigorous testing of the solution on AWS, demonstrating its adaptability and scalability in a cloud environment.

Value Delivered

Performance 
The solution handled enormous volumes of network traffic data with ease and showed consistent performance that complied with expectations.

Security
By detecting and isolating harmful network packets, the solution significantly improves network security.

Customization 
To make sure that the solution integrates seamlessly into existing infrastructure, the pre-packaged VMs have been customized to suit the client’s needs.

Efficiency 
The technology makes massive data analysis possible at high speeds, helping to make data-driven decisions more swiftly.

Scalability 
The solution is scalable across numerous data centers, facilitating efficient big-data analysis on a significant hierarchy.
