University of Houston

Implemented a Packet Capture and Analysis System

for a variety of Network Traffic Analysis

As the use of Internet becomes more common and widespread, people are paying more attention on network security field. As one of the most important network security technologies, intrusion detection systems (IDS) have become popular as an application tool of protecting Internet users. Currently, there are many algorithms and methods to support IDS. However, since many attacks use spoofed IP addresses, dealing with attackers is not as trivial as imagined. In recent years, new methods of detecting stepping-stone intrusions are developed by researchers to enhance the effectiveness of capturing hackers. There are various algorithms supporting stepping stone intrusion detections. The differences lied in those methods is how they take advantage of the information the packets carry. However, the existing tools are not flexible enough to provide these functionalities. Thus, we developed a Packet Capturing and Analysis System (PCAS) to solve this problem. It extends the capability of monitoring, capturing and analyzing packets, provides high flexibility on filtering different kinds of packets. Besides, the capability to do real-time analysis will greatly help network administrator to find the hackers’ behavior patterns.

Date: Tuesday, April 22, 2008
Time: 5:00 PM
Place: 550-PGH

Faculty, students, and the general public are invited.
Advisor: Prof Steven Huang