Presentation is loading. Please wait.

Presentation is loading. Please wait.

Network Protocol Packet Analysis By: Daniel Ruiz.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Network Protocol Packet Analysis By: Daniel Ruiz."— Presentation transcript:

1 Network Protocol Packet Analysis By: Daniel Ruiz

2 Overview How to Capturing Packets ▫WireShark ▫Lua Analyzing Packets ▫Principle Component Analysis (PCA)

3 WireShark Best Open Source Packet Analyzer available today Used in ICTF Multi-platform runs on Linux, Window, OS X and many others Live capture and offline analysis Much Much More!!!

4 Lua Lua is a powerful light-weight programming language designed for extending applications Very is to use API Allows for scripting in Wireshark Lua can be used to write dissectors, post-dissectors and taps.

5 Analyzing Packets Tshark is able to detect, read and write the same capture file that are supported by WireShark To detect ▫Tshark.exe –i eth0 –x To read ▫Tshark.exe –r “file” –x To write ▫Tshark.exe –i eht0 –x –w “file” Understand the software tools before writing them yourself!

6 Pictures and Packets Good PacketMalicious Packet

7 Principle Component Analysis Use PCA instead of convolution with FFT PCA takes your cloud of data points, and rotates it such that the maximum variability is visible (most important gradients). Maximum variability is found by the Eigen values of each packet Packets with malicious data should have different gradients than those with good data Data Cloud Gradient Abundance

8 Improvements Use Neural Network to recognize malicious Eigen values Investigate Wavelet PCA PCA and FFT convolution speed analysis

9 Questions?

Download ppt "Network Protocol Packet Analysis By: Daniel Ruiz."

Similar presentations

Presented by: Subek Shakya Sudip Shrestha Sujan Thapa.

Presented by: Subek Shakya Sudip Shrestha Sujan Thapa.
March 2008. Wireshark CA Plugin EPICS Meeting 2008, Shanghai, China. 1 Wireshark CA Plug-in EPICS Channel Access Dissector Kazuro Furukawa, KEK Ron Rechenmacher,

March Wireshark CA Plugin EPICS Meeting 2008, Shanghai, China. 1 Wireshark CA Plug-in EPICS Channel Access Dissector Kazuro Furukawa, KEK Ron Rechenmacher,
JAVA Programming Environment © Juhani Välimäki 2003.

JAVA Programming Environment © Juhani Välimäki 2003.
Lesson 22. Networking Tools. Objective At the end of this Presentation, you will be able to:

Lesson 22. Networking Tools. Objective At the end of this Presentation, you will be able to:
Intrusion Detection Systems By: William Pinkerton and Sean Burnside.

Intrusion Detection Systems By: William Pinkerton and Sean Burnside.
ITIS2110 Lab 9. Scenario There are web network problems at your site Your manager has assigned you to track down the problem  He “highly” suggests you.

ITIS2110 Lab 9. Scenario There are web network problems at your site Your manager has assigned you to track down the problem  He “highly” suggests you.
Packet Analyzers, a Threat to Network Security. Agenda Introduction The background of packet analyzers LAN technologies & network protocols Communication.

Packet Analyzers, a Threat to Network Security. Agenda Introduction The background of packet analyzers LAN technologies & network protocols Communication.
SHARKFEST ‘10 | Stanford University | June 14–17, 2010 The Shark Distributed Monitoring System: Distributing Wireshark Deep Packet Analysis to LAN/WAN.

SHARKFEST ‘10 | Stanford University | June 14–17, 2010 The Shark Distributed Monitoring System: Distributing Wireshark Deep Packet Analysis to LAN/WAN.
Dive Even Deeper sysdig – Wireshark for your system.

Dive Even Deeper sysdig – Wireshark for your system.
Database Encryption. Encryption: overview Encrypting Data-in-transit As it is transmitted between client-server Encrypting Data-at-rest Storing data in.

Database Encryption. Encryption: overview Encrypting Data-in-transit As it is transmitted between client-server Encrypting Data-at-rest Storing data in.
Capture Packets using Wireshark. Introduction Wireshark – – Packet analysis software – Open source.

Capture Packets using Wireshark. Introduction Wireshark – – Packet analysis software – Open source.
Wireshark – Introduction Wire 1 Due date: Friday, October 30th.

Wireshark – Introduction Wire 1 Due date: Friday, October 30th.
Mobile Computing Dorota Huizinga Department of Computer Science.

Mobile Computing Dorota Huizinga Department of Computer Science.
UNIX Chapter 01 Overview of Operating Systems Mr. Mohammad A. Smirat.

UNIX Chapter 01 Overview of Operating Systems Mr. Mohammad A. Smirat.
Thraxion: Three Dimensional Action Simulator Justin Gerthoffer, Jon Studebaker, David Colborne, Jeff Stuart, Frederick C. Harris, Jr Department of Computer.

Thraxion: Three Dimensional Action Simulator Justin Gerthoffer, Jon Studebaker, David Colborne, Jeff Stuart, Frederick C. Harris, Jr Department of Computer.
Local Area Network Layer-2 Topology Mapping Local Area Network Layer-2 Topology Mapping Doron Peled Michal Rimmer Supervisor: Zigi Walter Networked Software.

Local Area Network Layer-2 Topology Mapping Local Area Network Layer-2 Topology Mapping Doron Peled Michal Rimmer Supervisor: Zigi Walter Networked Software.
Ragib Hasan Johns Hopkins University en.600.412 Spring 2011 Lecture 10 04/18/2011 Security and Privacy in Cloud Computing.

Ragib Hasan Johns Hopkins University en Spring 2011 Lecture 10 04/18/2011 Security and Privacy in Cloud Computing.
Security+ Guide to Network Security Fundamentals, Third Edition Chapter 9 Performing Vulnerability Assessments.

Security+ Guide to Network Security Fundamentals, Third Edition Chapter 9 Performing Vulnerability Assessments.
Computer Security and Penetration Testing

Computer Security and Penetration Testing
Network Analyzer CS4500 Spring 2004 Hong Jiang Ryan Pratt Raul Chiari By Palantir:

Network Analyzer CS4500 Spring 2004 Hong Jiang Ryan Pratt Raul Chiari By Palantir:

Similar presentations

Ads by Google