By Topic

Behavior based network traffic analysis tool

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$33 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

1 Author(s)
Sindhu Kakuru ; Electrical Engineering Department, San Jose State University, San Jose CA, 95112

Pattern matching systems are mainly based on network models, which are formed from detailed analysis of user statistics and network traffic. These models are used in developing traffic analysis tools. This paper focuses on development of a behavior analysis tool on any operating system and its use on detecting internal active/passive attacks. Many kinds of tools and firewalls are in market to help network administrator to prevent intrusion from outside network, but very few tools to stop attacks from internal part of the network. This tool provides a way to detect any unusual behavior by a legitimate user in a network. It uses packet sniffer like Wireshark to record log traffic over a network. Furthermore, behavioral analysis is carried in two phases. In the first phase, Wireshark records the user's interaction with the network for a period of time and is stored in database. In second phase, current activity is compared to the past activity and notifies any new behavior to network administrator. This tool adds an additional layer of security along with the intrusion detection systems available from any network attacks. Many additional features can be incorporated in this tool for future enhancement.

Published in:

Communication Software and Networks (ICCSN), 2011 IEEE 3rd International Conference on

Date of Conference:

27-29 May 2011