In addition, the case studies in this paper illustrate the idea of using Wireshark to identify new attack vectors. The purpose of this paper is to demonstrate how Wireshark is applied in network protocol diagnosis and can be used to discover traditional network attacks such as port scanning, covert FTP and IRC channels, ICMP-based attacks, BitTorrent-driven denial service, and etc. In this regard, Wireshark can be used in identifying and categorising various types of attack signatures. Wireshark proves to be an effective open source tool in the study of network packets and their behaviour. Today, network administrators need to be able to investigate and analyse the network traffic to understand what is happening and to deploy immediate response in case of an identified attack. In addition, the case studies in this paper illustrate the idea of using Wireshark to identify new attack vectors.ĪB - The number and types of attacks against networked computer systems have raised the importance of network security. Today, network administrators need to be able to investigate and analyse the network traffic to understand what is happening and to deploy immediate response in case of an identified attack. Over the years, Wireshark has become one of the most widely used graphical packet capture and protocol analysis tools (Shimonski, 2013), featuring a highly. N2 - The number and types of attacks against networked computer systems have raised the importance of network security. T1 - Network forensics analysis using WiresharkĬopyright © 2015 Inderscience Enterprises Ltd.Ĭopyright 2020 Elsevier B.V., All rights reserved.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |