Abstract

This paper illustrates the functionality of Wireshark as a sniffing tool in networks. This has been proven by an experimental setup which depicts the efficiency of detection of a malicious packet in any network. Testing has been achieved through experimentation on a real time network analyzed by Wireshark. Inferences have been made which clearly depict Wireshark’s capabilities highlighting it as a strong candidate for future development into a robust intrusion detection system. This paper highlights the working of Wireshark as a network protocol analyzer and also accentuates its flexibility as an open source utility to allow developers to add possible functionalities of intrusion detection devices in it.

References

• Roesch M (1999) Snort - Lightweight Intrusion Detection for Networks. In Proceedings of Thirteenth Systems Administration Conference (LISA), pp 229-238.
• Stolze M, Pawlitzek R and Hild S (2003a) Task Support for Network Security Monitoring. In ACM CHI Workshop on System Administrators Are Users, Too: Designing Workspaces for Managing Internet-Scale Systems.
• Lee W, Stolfo SJ and Mok KW (2000) Adaptive Intrusion Detection: A Data Mining Approach. Artificial Intelligence Review 14(6), 533-567.
• Stolze M, Pawlitzek R and Wespi A (2003b) Visual Problem-Solving Support for New Event Triage in Centralized Network Security Monitoring: Challenges, Tools and Benefits. In GI-SIDAR conference IT-Incident Management and IT-Forensics (IMF).
• Pinkas, B., Sander, T.: Securing passwords against dictionary attacks Proceedings of the 9th ACM conference on Computer and communications security Washington, DC, USA (2002 ) 161-170
• Madsen, P., Koga, Y., Takahashi, K.: Federated identity management for protecting users from ID theft Proceedings of the 2005 workshop on Digital identity management Fairfax, VA, USA (2005) 77-83
• Gouda, M.G., Liu, A.X., Leung, L.M., Alam, M.A.: Single Password, Multiple Accounts. Proceedings of 3rd Applied Cryptography and Network Security Conference (industry track), New York City, New York (2005)
• Luo, H., Henry, P.: A common password method for protection of multiple accounts. 14th IEEE International Symposium on Personal, Indoor and Mobile Radio Communications, Vol. 3 (2003) 2749 - 2754
• Gaw, S., Felten, E.W.: Password management strategies for online accounts. Proceedings of the second symposium on Usable privacy and security ACM Press, Pittsburgh, Pennsylvania (2006) 44-55
• Riley, S.: Password Security: What Users Know and What They Actually Do. Usability News, Vol. 2006. Software Usability Research Laboratory, Department of Psychology, Wichita State University, Wichita (2006)
• S. R. Snapp, J. Brentano, G. V. Dias, T. L. Goan, L. T. Heberlein, C. Ho, K. N. Levitt, B. Mukherjee, S. E. Smaha, T. Grance, D. M. Teal and D. Mansur, DIDS (Distributed Intrusion Detection System) Motivation, Architecture and Early Prototype, Proceeding 14th National Computer Security Conference, pg. 167 176, 1991
• S. James P. Anderson, Computer security threat monitoring and surveillance” ,Technical report, Fort Washington, PA, April 1980
• Stephen E. Smaha, ”Haystack: An intrusion detection system”, In Proceedings of the Fourth Aerospace Computer Security Applications Conference, pages 37-44, December 1988.
• L. Todd Heberlein, Gihan V. Dias, Karl N. Levitt, Biswanath Mukherjee, Jeff Wood, and David Wolber, ”A network security monitor”, In Proceedings of the 1990 IEEE Symposium on Research in Security and Privacy, pages 296-304, May 1990.