Network Security and Behavior Analysis of an Institute using Wireshark
Journal: GRENZE International Journal of Computer Theory and Engineering
Authors: Amanpreet Kaur, Monika Sachdeva
Volume: 1
Issue: 1
Grenze ID: 01.GIJCTE.1.1.546
Pages: 69-84
Abstract
Security has become an important requisite due to the prevalent attacks and various other
security issues that have made networks vulnerable to a great extent. There is a requirement to analyze
networks and diagnose the malicious packets travelling through them. This led to the development of a
number of packet analyzers that monitor network assets to detect anomalous behavior
and misuse. In our dissertation work, we use Wireshark as the packet analyzer to observe the
communicating nodes and gather data from them. Wireshark is an open source packet analyzer,
which was formerly known as Ethereal.
Here we have monitored and analyzed the traffic of an institute using various protocols such as TCP/IP,
HTTP, ARP and ICMP. Wireshark observed data coming from certain IP addresses and captured
the packets exchanged by those nodes. The outputs are shown in graphs, namely the Time Sequence
graph, the Round Trip Time graph and the Throughput graph. Protocol hierarchies are built which show low,
medium and peak loads. HTTP statistics are built and Expert analysis is done. Certain attacks
involving ARP, DHCP, DDoS and HTTP spidering are observed, and they are shown through graphs as well. In
order to resolve network problems, an exhaustive analysis of the areas or segments that are lower in
performance is required. The graphs obtained here using Wireshark help to interpret the efficiency and
performance of the network of the institute under study.