Performance Analysis of Packet Sniffing Techniques Applied to Network Monitoring

Keywords:

network monitoring, network sniffer, security

Abstract

Network monitoring based on packet sniffing is one of the most useful techniques applied by system administrators and security analysts to identify threats within a local network. Although it is supposedly a simple task, it can sometimes be a highly resource-consuming process. In this paper, the use of two sniffing techniques, raw sockets and scapy, is analyzed and compared in terms of the maximum packet capture rate each achieves. Furthermore, both techniques are optimized by using BSD Packet Filtering to improve packet capture, and a multicore architecture to reduce exposure to denial-of-service attacks. Finally, a system based on those techniques is developed that is able to automatically detect common layer 2 and layer 3 vulnerabilities and attacks within the scope of corporate networks. The result is an enhanced system focused on the link and network layers that can be deployed in corporate environments.

Author Biographies

David Álvarez Robles, Alisec S.L.

received his MS in Telecommunications Engineering from the University of Oviedo, Asturias, Spain, in 2019. He is currently working at Alisec S.L., a Spanish IT company focused on cybersecurity. His current research interests include security and ethical hacking.

Pelayo Nuño, University of Oviedo

received his MS and PhD in Computer Science from the University of Oviedo, Asturias, Spain, in 2009 and 2013, respectively. He has been an assistant professor in the Department of Computer Science and Engineering at the University of Oviedo since 2015. His research interests include network security and multimedia networking.

Francisco González Bulnes, University of Oviedo

received his MS and PhD in Computer Science from the University of Oviedo, Asturias, Spain, in 2007 and 2012, respectively. He has been an associate professor in the Department of Computer Science and Engineering at the University of Oviedo since 2007. His current research interests include cybersecurity and real-time communications.

Juan Carlos Granda Candás, University of Oviedo

received his MS and PhD in Computer Science from the University of Oviedo, Asturias, Spain, in 2004 and 2008, respectively. He is a tenured professor in the Department of Computer and Engineering at the University of Oviedo. He is involved in research activities focused on network security, multimedia networking and IoT.

Published

2021-06-01

How to Cite

Álvarez Robles, D., Nuño, P., González Bulnes, F., & Granda Candás, J. C. (2021). Performance Analysis of Packet Sniffing Techniques Applied to Network Monitoring. IEEE Latin America Transactions, 19(3), 490–499. Retrieved from https://latamt.ieeer9.org/index.php/transactions/article/view/3650