CFP last date
20 January 2025
Reseach Article

An Insight in to Network Traffic Analysis using Packet Sniffer

by Jhilam Biswas, Ashutosh
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 94 - Number 11
Year of Publication: 2014
Authors: Jhilam Biswas, Ashutosh
10.5120/16391-5975

Jhilam Biswas, Ashutosh . An Insight in to Network Traffic Analysis using Packet Sniffer. International Journal of Computer Applications. 94, 11 ( May 2014), 39-44. DOI=10.5120/16391-5975

@article{ 10.5120/16391-5975,
author = { Jhilam Biswas, Ashutosh },
title = { An Insight in to Network Traffic Analysis using Packet Sniffer },
journal = { International Journal of Computer Applications },
issue_date = { May 2014 },
volume = { 94 },
number = { 11 },
month = { May },
year = { 2014 },
issn = { 0975-8887 },
pages = { 39-44 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume94/number11/16391-5975/ },
doi = { 10.5120/16391-5975 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%1 2024-02-06T22:17:24.985810+05:30
%A Jhilam Biswas
%A Ashutosh
%T An Insight in to Network Traffic Analysis using Packet Sniffer
%J International Journal of Computer Applications
%@ 0975-8887
%V 94
%N 11
%P 39-44
%D 2014
%I Foundation of Computer Science (FCS), NY, USA
Abstract

Slowdown in the network performance can cause serious concern to network analysts, leading to loss in resources. Such cases are not easy to deal with, due to the lack of time and resources available. Lack of awareness about appropriate tools which detect the attacks or not knowing exactly why a loss in network performance is occurring are some other factors. Connectivity loss or shutting down of terminals within the network for unknown reasons are among the other problems. Mostly, the cause of these problems cannot be detected accurately and is concluded due to poor network architecture, such as inefficiently configured broadcast storms, spanning-tree, usage of unsuitable routing protocols within the network domain, redundant links etc. However, sometimes the cause could be due to attacks by unknown third parties that try to put the web server out-of-service through means of a DoS (Denial of Service) attack, sending traffic with a poisoned ARP in an attempt to discover hosts to infect, or by simply infecting ports with malware to form part of an alien network or botnet. In all these cases, knowing the source of the attack is the first step towards taking appropriate action and achieving correct protection. That is when packet sniffers can be extremely useful to detect, analyze and map traffic. Such packet sniffers identify threats to the network and limit their harmful consequences.

References
  1. Wireshark Documentation: http://www. wireshark. org/docs/wsug_html_chunked/index. html
  2. Stolze M, Pawlitzek R and Hild S (2009a) Task Support for Network Security Monitoring. In ACM CHI Workshop on System Administrators Are Users, Too: Designing Workspaces for Managing Internet-Scale Systems.
  3. Madsen, P. , Koga, Y. , Takahashi, K. : Federated identity management for protecting users from ID theft Proceedings of the 2005 workshop on Digital identity management Fairfax, VA, USA (2010) 77-83
  4. Gouda, M. G. , Liu, A. X. , Leung, L. M. , Alam, M. A. : Single Password, Multiple Accounts. Proceedings of 3rd Applied Cryptography and Network Security Conference (industry track), New York City, New York (2008)
  5. Riley, S. : Password Security: What Users Know and What They Actually Do. Usability News, Vol. 2006. Software Usability Research Laboratory, Department of Psychology, Wichita State University, Wichita (2009)
  6. 2010 18th IEEE Symposium on High Performance Interconnects Innovating in Your Network with OpenFlow: A Hands-on Tutorial
  7. 2011 Fourth International Joint Conference on Computational Sciences and Optimization: Application Design of Data Packet Capturing Based on Sharpcap
  8. The 6th International Conference on Computer Science & Education (ICCSE 2011) August 3-5, 2011. SuperStar Virgo, Singapore: Application of Mini Case Study in Computer Networks
  9. Andrew S. Tanenbaum, "Computer Networks. " 4th ed. Beijing: Tsinghua University Press, 2004, pp. 41.
  10. IEEE 2008 publication: Bottleneck Analysis of Traffic Monitoring using Wireshark
  11. I. Kim, J. Moon, H. Y. Yeom, "Timer-Based Interrupt Mitigation for High Performance Packet Processing," in Proc. 5th International Conference on High-Performance Computing, (Asia-Pacific Region, 2011).
  12. J. Cleary, S. Donnelly, I. Graham, "Design Principles for Accurate Passive Measurement in Networks," in Proc. PAM2000 Passive and Active Measurement Workshop (Apr. 2000).
  13. Traffic Analysis with Wireshark, February 2011, Author: Borja Merino Febrer, The National Communications Technology Institute (Instituto Nacional de Tecnologías de la Comunicación - INTECO) Manuel Belda, from Valencia's Computer Security Incident Response Team (CSIRT-cv) and Eduardo Carozo Blumsztein from the ANTEL CSIRT of Uruguay.
  14. Di Guangqun, Hu Guijang. "Development and implementation of packet sniffer", CNKI: SUN: WJSJ. 0. 2009-21- 082. pp. 1-5, 2009
Index Terms

Computer Science
Information Sciences

Keywords

Packet sniffing tools Wireshark LAN attacks