Thesis Details
Nástroj pro zachycení síťového provozu s aplikačním tagem
Network traffic capture and analysis are useful in case we are looking for problems in our network, or when we want to know more about applications and their network communication. This paper aims on the process of network applications identification that run on the local host and their associating with captured packets. The goal of this project is to design a multi-platform application that captures network traffic and extends the capture file with application tags. Operations that can be done independently are parallelized to speed up packet processing and reduce packet loss. An application is being determined for every (both incoming and outgoing) packet. Records of all identified applications are stored in an application cache with information about its sockets to save time and not to search for already known applications. It's important to update the cache periodically because an application in the cache may close a connection at any time. Finally, gathered information is saved to the end of pcap-ng file as a separate pcap-ng block.
Network Traffic Capture, Network sniffing, Network Application Identification, Network traffic, Network monitoring
Křivka Zbyněk, Ing., Ph.D. (DIFS FIT BUT), člen
Szőke Igor, Ing., Ph.D. (DCGM FIT BUT), člen
Zachariášová Marcela, Ing., Ph.D. (DCSY FIT BUT), člen
Zbořil František, doc. Ing., Ph.D. (DITS FIT BUT), člen
@bachelorsthesis{FITBT20013,
author = "Jozef Zuzelka",
type = "Bachelor's thesis",
title = "N\'{a}stroj pro zachycen\'{i} s\'{i}\v{t}ov\'{e}ho provozu s aplika\v{c}n\'{i}m tagem",
school = "Brno University of Technology, Faculty of Information Technology",
year = 2017,
location = "Brno, CZ",
language = "czech",
url = "https://www.fit.vut.cz/study/thesis/20013/"
}