A New Hybrid Network Sniffer Model Based on Pcap Language and Sockets (Pcapsocks)
Journal Title: International Journal of Advanced Computer Science & Applications - Year 2016, Vol 7, Issue 2
Abstract
Nowadays, the protection and security of data transiting computer networks represent a real challenge for developers of computer applications and for network administrators. Intrusion Detection Systems and Intrusion Prevention Systems are reliable techniques for good security. Any intrusion detection is based on data collection, so collecting important and significant traffic on the monitored systems is an interesting feature. Thus, the first task of an Intrusion Detection System or Intrusion Prevention System is to collect the information on which to base processing and analysis, and to make accurate decisions. Network analysis can be used to improve network performance and security, but it can also be used for malicious tasks. Our main goal in this article is to design a reliable and powerful network sniffer, called PcapSockS, based on the pcap language and sockets, able to intercept traffic in three modes: connected, connectionless and raw mode. We start with a performance assessment of a list of the most widespread and most recently used network sniffers. The study is completed by a classification of these sniffers related to computer security objectives, based on the parameters library (libpcap/winpcap or libnet), filtering, availability, software or hardware, alert and real time. PcapSockS provides good performance, integrating reliable sniffing mechanisms that allow supervision taking into account some low- and high-level protocols for TCP and UDP network communications.
Authors and Affiliations
Azidine GUEZZAZ, Ahmed ASIMI, Yassine SADQI, Younes ASIMI, Zakariae TBATOU