An Examination of Protocol-Based Network Traffic Analysis
International Journal of Computer Science (IJCS) Published by SK Research Group of Companies (SKRGC)
Abstract
Network administrators sometimes lack an analysis toolset that matches their organization's goals. Applications for network traffic capture and analysis already exist, but they do not include an alerting system, and a user who is not experienced with networking concepts will not be able to understand the output they generate. This project will develop an application to monitor the traffic on a user's laptop connected to the Internet over Ethernet or wireless. The application will generate a report with the details of the Internet traffic: Ethernet, IP, ICMP, UDP, or TCP, and application layer services. It will also rank the application layer protocols in use, from the one that utilized the most bandwidth to the one that utilized the least. We will create a loop that runs continuously and listens for any data that comes across the network connection. The captured data, an Ethernet frame containing an IP packet that in turn carries TCP information, will then be passed to various unpacking functions.
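The unpack-and-rank pipeline the abstract describes can be sketched as follows. This is an added example, not code from the paper: the function names, the port-to-service map, and the sample frames are assumptions, and the capture loop is replaced by constructed frames so the code runs offline.

```python
import struct
from collections import Counter

SERVICES = {53: "DNS", 80: "HTTP", 443: "HTTPS"}  # assumed port map, not from the paper

def unpack_ethernet(frame):
    """Return (ethertype, payload), or None if the frame is truncated."""
    if len(frame) < 14:
        return None
    return struct.unpack("!H", frame[12:14])[0], frame[14:]

def unpack_ipv4(packet):
    """Return (protocol number, transport segment), or None if malformed."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        return None
    ihl = (packet[0] & 0x0F) * 4  # header length in bytes
    total_len = struct.unpack("!H", packet[2:4])[0]
    if ihl < 20 or total_len < ihl or total_len > len(packet):
        return None  # lengths disagree: do not read past the buffer
    return packet[9], packet[ihl:total_len]  # slice drops Ethernet padding

def classify(proto, segment):
    """Label a segment by transport protocol and well-known port."""
    if proto == 1:
        return "ICMP"
    if proto in (6, 17) and len(segment) >= 4:
        sport, dport = struct.unpack("!HH", segment[:4])
        name = SERVICES.get(dport) or SERVICES.get(sport)
        return name or ("TCP/other" if proto == 6 else "UDP/other")
    return "other"

def rank_protocols(frames):
    """Sum frame bytes per label; return [(label, bytes)], highest first."""
    usage = Counter()
    for frame in frames:
        eth = unpack_ethernet(frame)
        ip = unpack_ipv4(eth[1]) if eth and eth[0] == 0x0800 else None
        usage[classify(*ip) if ip else "non-IPv4/malformed"] += len(frame)
    return usage.most_common()

def build_frame(proto, sport, dport, payload_len):
    """Build a constructed Ethernet/IPv4 frame (ids, checksums, addresses zero)."""
    l4 = struct.pack("!HH", sport, dport) + bytes((16 if proto == 6 else 4) + payload_len)
    ip = struct.pack("!BBH4xBB10x", 0x45, 0, 20 + len(l4), 64, proto)
    return bytes(12) + struct.pack("!H", 0x0800) + ip + l4

# Constructed sample capture; the last entry is a truncated frame.
SAMPLE = [build_frame(6, 50000, 443, 900), build_frame(6, 50001, 80, 300),
          build_frame(17, 50002, 53, 40), build_frame(6, 443, 50000, 1200), bytes(10)]
```

Classifying by port number only approximates the application layer: a service on a non-standard port is counted as "TCP/other" or "UDP/other".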
Keywords
Analyzer, Packet Sniffer, Network Analyzer, Packet Analyzer