OF PRESENTING THE RESULTS OF NETWORK TRAFFIC ANALYSIS
The article proposes different methods of presenting network traffic analysis results, the need for which arises primarily in the area of network security. One of the most important tasks is to identify malicious traffic. For this purpose both the complete graph of network interactions and time-base...
Main Authors: | A. I. Get'man, Yu. V. Markin, D. O. Obydenkov, V. A. Padaryan, A. Yu. Tikhonov |
---|---|
Format: | Article |
Language: | English |
Published: | Ivannikov Institute for System Programming of the Russian Academy of Sciences, 2018-10-01 |
Series: | Труды Института системного программирования РАН |
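Subjects: | network traffic analysis; network protocol debugging; network interaction graph; visualization; parsing error log |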
Online Access: | https://ispranproceedings.elpub.ru/jour/article/view/206 |
_version_ | 1818359776480854016 |
---|---|
author | A. I. Get'man, Yu. V. Markin, D. O. Obydenkov, V. A. Padaryan, A. Yu. Tikhonov |
collection | DOAJ |
description | The article proposes different methods of presenting network traffic analysis results, the need for which arises primarily in the area of network security. One of the most important tasks is to identify malicious traffic. For this purpose both the complete graph of network interactions and a time-based packet diagram are presented. These components are used during the investigation of information security incidents. The timing diagram is also used in the analysis of tunneling protocols because it allows the analyst to determine which protocol headers are necessary to visualize. For tasks associated with reverse engineering and debugging of network protocols, it is proposed to use a journal which records protocol header parsing errors. The presented graphic components either have no analogues among open-source tools or improve on existing open-source solutions. |
first_indexed | 2024-12-13T20:50:16Z |
format | Article |
id | doaj.art-c05c75ef20a84842953d9428fd4e8aab |
institution | Directory Open Access Journal |
issn | 2079-8156 2220-6426 |
language | English |
last_indexed | 2024-12-13T20:50:16Z |
publishDate | 2018-10-01 |
publisher | Ivannikov Institute for System Programming of the Russian Academy of Sciences |
record_format | Article |
series | Труды Института системного программирования РАН |
spelling | doaj.art-c05c75ef20a84842953d9428fd4e8aab / 2022-12-21T23:31:54Z / eng / Ivannikov Institute for System Programming of the Russian Academy of Sciences / Труды Института системного программирования РАН / 2079-8156 / 2220-6426 / 2018-10-01 / 28 / 6 / 103 / 110 / 10.15514/ISPRAS-2016-28(6)-7 / 206 / OF PRESENTING THE RESULTS OF NETWORK TRAFFIC ANALYSIS / A. I. Get'man (0), Yu. V. Markin (1), D. O. Obydenkov (2), V. A. Padaryan (3), A. Yu. Tikhonov (4) / Институт системного программирования РАН / Институт системного программирования РАН / Институт системного программирования РАН / Институт системного программирования РАН; Московский государственный университет имени М.В. Ломоносова / Институт системного программирования РАН / The article proposes different methods of presenting network traffic analysis results, the need for which arises primarily in the area of network security. One of the most important tasks is to identify malicious traffic. For this purpose both the complete graph of network interactions and a time-based packet diagram are presented. These components are used during the investigation of information security incidents. The timing diagram is also used in the analysis of tunneling protocols because it allows the analyst to determine which protocol headers are necessary to visualize. For tasks associated with reverse engineering and debugging of network protocols, it is proposed to use a journal which records protocol header parsing errors. The presented graphic components either have no analogues among open-source tools or improve on existing open-source solutions. / https://ispranproceedings.elpub.ru/jour/article/view/206 / network traffic analysis; network protocol debugging; network interaction graph; visualization; parsing error log |
title | OF PRESENTING THE RESULTS OF NETWORK TRAFFIC ANALYSIS |
topic | network traffic analysis; network protocol debugging; network interaction graph; visualization; parsing error log |
url | https://ispranproceedings.elpub.ru/jour/article/view/206 |