DEVELOPMENT OF APPLICATION FOR SIMPLE NETWORK TRAFFIC FILES ANALYSIS USING PYTHON

T.M. Herei, V.I. Bukovetskyi, T.V. Matovka, V.M. Rizak

Èlektron. model. 2022, 44(6):86-101

https://doi.org/10.15407/emodel.44.06.086

ABSTRACT

The object of this study is software for analyzing network traffic. An analysis of the most popular packet analyzers shows that most of them require significant technical skill and experience with network traffic on the part of the user, and some have a complex graphical user interface that is difficult to grasp. Therefore, an application was developed that is easy to use, has sufficient functionality for quick analysis, and requires a minimum of system resources.

The program has a command-line interface. It allows the user to conduct an initial analysis of a network traffic file with the *.pcap extension. Its main functions are: viewing the IP and MAC addresses present in the file; displaying the packet exchange between two hosts; viewing all packets for a given period of time; and viewing the services to which connections were made. The application allows even users without professional training to conduct a basic analysis of intercepted network traffic.

KEYWORDS

computer network, sniffing, traffic analyzer, Python.
