10-08-2011, 01:49 PM
Design and Implementation of a Network Monitoring Tool
The extensive use of computers and networks for exchange of information has also had ramifications on the growth and spread of crime through their use. Law enforcement agencies need to keep up with the emerging trends in these areas for crime detection and prevention. Among the several needs of such agencies is the need to monitor, detect and analyze undesirable network traffic. However, the monitoring, detecting, and analysis of this traffic may be against the goal of maintaining privacy of individuals whose network communications are being monitored.
In this thesis, we discuss the design and implementation of the basic framework of a network monitoring tool, PickPacket, that can address the conflicting issues of network monitoring and privacy through its judicious use. PickPacket comprises three components: a packet filter, post-processing applications, and a GUI for providing a detailed analysis of the collected data. The packet filter filters packets based on IP addresses, transport layer protocol port numbers, and application layer data content present in them. The implementation of application layer protocol filters for Telnet and SMTP and a text string filter is discussed in this report. We also describe the design and implementation of post-processing applications.
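The three filtering levels named in the abstract (IP address, transport port, application-layer text), sketched as an added example that is not PickPacket's code: a packet is retained only if it passes every level, which is what keeps unrelated traffic out of the capture. The criteria layout, function names and sample packets are assumptions constructed for illustration, as is the case-insensitive string match.

```python
import socket
import struct

# Hypothetical criteria (constructed for this example, not PickPacket's format).
CRITERIA = {
    "ips": {"192.0.2.10"},      # match if source or destination is listed
    "ports": {25},              # SMTP
    "strings": [b"invoice"],    # lower-case text searched for in the payload
}

def build_packet(src, dst, sport, dport, payload):
    """Construct a minimal IPv4/TCP packet (checksums left zero) as sample input."""
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, 0x18, 8192, 0, 0)
    total = 20 + len(tcp) + len(payload)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, total, 0, 0, 64, 6, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    return ip + tcp + payload

def parse_packet(raw):
    """Return (src, dst, sport, dport, payload), or None if not well-formed IPv4/TCP."""
    if len(raw) < 20 or raw[0] >> 4 != 4:
        return None
    ihl = (raw[0] & 0x0F) * 4                      # IP header length in bytes
    total = struct.unpack("!H", raw[2:4])[0]       # IP total length
    if ihl < 20 or raw[9] != 6 or total > len(raw) or total < ihl + 20:
        return None                                # bad header, not TCP, or truncated
    sport, dport = struct.unpack("!HH", raw[ihl:ihl + 4])
    doff = (raw[ihl + 12] >> 4) * 4                # TCP header length in bytes
    if doff < 20 or ihl + doff > total:
        return None
    src, dst = socket.inet_ntoa(raw[12:16]), socket.inet_ntoa(raw[16:20])
    return src, dst, sport, dport, raw[ihl + doff:total]

def decide(raw, criteria=CRITERIA):
    """Apply the three levels in order; return 'keep' or the level that rejected."""
    pkt = parse_packet(raw)
    if pkt is None:
        return "drop:malformed"
    src, dst, sport, dport, payload = pkt
    if not {src, dst} & criteria["ips"]:
        return "drop:ip"
    if not {sport, dport} & criteria["ports"]:
        return "drop:port"
    lowered = payload.lower()
    if not any(s in lowered for s in criteria["strings"]):
        return "drop:content"
    return "keep"
```

Matching is done per packet here, so a search string split across two TCP segments is not detected; catching that case requires reassembling the stream before the content check.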