A. I. Get'man, Yu. V. Markin, D. O. Obydenkov, V. A. Padaryan, A. Yu. Tikhonov, “Of presenting the results of network traffic analysis”, Proceedings of ISP RAS, 28:6 (2016), 103

Proceedings of the Institute for System Programming of the RAS

RUS ENG

JOURNALS PEOPLE ORGANISATIONS CONFERENCES SEMINARS VIDEO LIBRARY PACKAGE AMSBIB

JavaScript is disabled in your browser. Please switch it on to enable full functionality of the website

	General information
	Latest issue
	Archive

	Search papers
	Search references

	RSS
	Latest issue
	Current issues
	Archive issues
	What is RSS

Proceedings of ISP RAS:
Year:
Volume:
Issue:
Page:
	Find

Personal entry:
Login:
Password:
	Save password
	Enter
	Forgotten password?
	Register

Proceedings of the Institute for System Programming of the RAS, 2016, Volume 28, Issue 6, Pages 103–110
DOI: https://doi.org/10.15514/ISPRAS-2016-28(6)-7 (Mi tisp87)

This article is cited in 1 scientific paper (total in 1 paper)

Of presenting the results of network traffic analysis

A. I. Get'man^a, Yu. V. Markin^a, D. O. Obydenkov^a, V. A. Padaryan^ab, A. Yu. Tikhonov^a

^a Institute for System Programming of the Russian Academy of Sciences
^b Lomonosov Moscow State University

Full-text PDF (1245 kB) Citations (1)

References:

PDF

HTML

DOI: https://doi.org/10.15514/ISPRAS-2016-28(6)-7

Abstract: The article proposes different methods of presenting network traffic analysis results, the need for which arises primarily in the area of network security. One of the most important tasks is to identify malicious traffic. For this purpose both the complete graph of network interactions and time-based packet diagram are presented. These components are used during investigation of information security violation incidents. The timing diagram is also used in analysis of tunneling protocols because it allows the analyst to determine which protocol headers are necessary to visualize. For tasks associated with reverse engineering and debugging of network protocols, it is proposed to use a journal which records protocol header parsing errors. Presented graphic components either have no analogues among the opensource tools or improve on existing opensource solutions.

Keywords: network traffic analysis, network protocols debugging, graph of network interactions, visualization, error log.

Funding agency	Grant number
Russian Foundation for Basic Research	15-07-07652
This work is supported by RFBR grant 15-07-07652 А

Bibliographic databases:

Document Type: Article

Language: Russian

Citation: A. I. Get'man, Yu. V. Markin, D. O. Obydenkov, V. A. Padaryan, A. Yu. Tikhonov, “Of presenting the results of network traffic analysis”, Proceedings of ISP RAS, 28:6 (2016), 103–110

Citation in format AMSBIB

\Bibitem{GetMarOby16}

\by A.~I.~Get'man, Yu.~V.~Markin, D.~O.~Obydenkov, V.~A.~Padaryan, A.~Yu.~Tikhonov

\paper Of presenting the results of network traffic analysis

\jour Proceedings of ISP RAS

\yr 2016

\vol 28

\issue 6

\pages 103--110

\mathnet{http://mi.mathnet.ru/tisp87}

\crossref{https://doi.org/10.15514/ISPRAS-2016-28(6)-7}

\elib{https://elibrary.ru/item.asp?id=27679172}

Linking options:

https://www.mathnet.ru/eng/tisp87

https://www.mathnet.ru/eng/tisp/v28/i6/p103

This publication is cited in the following 1 articles:

Citing articles in Google Scholar: Russian citations, English citations
Related articles in Google Scholar: Russian articles, English articles

Proceedings of the Institute for System Programming of the RAS

Statistics & downloads:
Abstract page:	204
Full-text PDF :	79
References:	29

Что такое QR-код?

Registration to the website

Logotypes