Nothing Special   »   [go: up one dir, main page]
Skip to main content
Springer Nature Link
Log in

A Design of Network Traffic Analysis and Monitoring System for Early Warning System

  • Conference paper
Frontiers of High Performance Computing and Networking – ISPA 2006 Workshops (ISPA 2006)

Part of the book series: Lecture Notes in Computer Science ((LNTCS,volume 4331))

Abstract

In this paper, we develop network traffic monitoring tool in order to analyze and monitor a network environment effectively. The network traffic analysis and monitoring system is designed based on attack knowledge for EWS(Early Warning System). It consists of an agent for host, a database server and administrator’s tool. Each host agent captures and collects network traffic information using WinPcap library, and send those information to the database server. The database server classifies and keeps necessary information from all the information sent, and provides those information when the administrator requests the information. The administrator’s tool combines the information from the server, applies the analysis of correlation, and confirms the network attack situation. This system can monitor the network traffics and analyze global traffic stream effectively, and aware various internet attack situations. The system was designed using C++ and ODBC (Open Database Connectivity).

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. Kim, H.A., Karp, B.: Autograph: Toward Automated, Distributed Worm Signature Detection. In: 13th Usenix Security Symposium (Security 2004) (August 2004)

    Google Scholar 

  2. Gatner, IDS a failure. firewalls recommanded, Web Host Industry Review. June 11

    Google Scholar 

  3. Debar, H., Wespi, A.: Aggregation and Correlation of Intrusion-Detection Alerts. In: Lee, W., Mé, L., Wespi, A. (eds.) RAID 2001. LNCS, vol. 2212, pp. 85–103. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  4. Schnackenberg, D., Djahandari, K., Dterene, D.: Infrastructure for Intrusion Detection and Response. In: Proceedings of DISCEX (January 2000)

    Google Scholar 

  5. Mahoney, M.V., Phad, P.K.C.: Packet header anomaly detection for indentifying hostile network traffic, Florida Tech, CS-2001-4 (2001)

    Google Scholar 

  6. Krugel, T.T.C., Kirda, E.: Service specific anomaly detection for network intrusion detection. In: Proceeding of Symposium on Applied Computing (March 2002)

    Google Scholar 

  7. Porras, P.A., Newmann, P.G.: EMERALD: Event Monitoring Enabling Responses to Anomalous Live Disturbances. In: Proceedings of the 20th NIS Security Conference (October 1997)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Computer Engineering, Hannam University, 133 Ojung-Dong, Daeduk-Gu, Daejeon, 306-791, Korea

    Geuk Lee, Inkyu Han & Youngsup Kim

Authors
  1. Geuk Lee
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Inkyu Han
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Youngsup Kim
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Department of Computing, School of Informatics, University of Bradford, BD7 1DP, Bradford, U.K.

    Geyong Min

  2. Dipartimento di Ingegneria dell’ Informazione - Second, University of Naples - Italy, Real Casa dell’Annunziata - via Roma, 29 81031, Aversa (CE), Italy

    Beniamino Di Martino

  3. Department of Computer Science, St. Francis Xavier University, Antigonish, Canada

    Laurence T. Yang

  4. Department of Computer Science and Engineering, Shanghai Jiao Tong University, 200030, Shanghai, China

    Minyi Guo

  5. Department of Computer Science, Chemnitz University of Technology, Germany

    Gudula Rünger

Rights and permissions

Reprints and permissions

Copyright information

© 2006 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Lee, G., Han, I., Kim, Y. (2006). A Design of Network Traffic Analysis and Monitoring System for Early Warning System. In: Min, G., Di Martino, B., Yang, L.T., Guo, M., Rünger, G. (eds) Frontiers of High Performance Computing and Networking – ISPA 2006 Workshops. ISPA 2006. Lecture Notes in Computer Science, vol 4331. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11942634_102

Download citation

  • DOI: https://doi.org/10.1007/11942634_102

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-49860-5

  • Online ISBN: 978-3-540-49862-9

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics