Conference Paper

Internet Traffic Analysis of an Educational Network using Bro IDS

Conference Paper
Monitoring of network traffic flow is very important for network management. Classifying network traffic can detect hidden patterns of possible threats. Classification is a tool for network administrators to find hidden threats to the network. In this paper we have analysed network traffic captured on the Panjab University campus network. This traffic is classified, and certain alarming results are found despite the use of all security measures by network administrators. For performing this experiment, open source tools like tcpdump, Wireshark, Linux etc. have been used. This study shows the existence of unknown networks as well as suspected broadcast. Based on these results, classification of campus network traffic is advised along with other currently used security measures to find anomalies. Some of the countermeasures to prevent this type of attack have also been discussed.
Conference Paper
The rise of location-based services has enabled many opportunities for content service providers to optimize the content delivery based on user's location. Since sharing precise location remains a major privacy concern among the users, many location-based services rely on contextual location (e.g. residence, cafe etc.) as opposed to acquiring user's exact physical location. In this paper, we present PACL (Privacy-Aware Contextual Localizer), which can learn user's contextual location just by passively monitoring user's network traffic. PACL can discern a set of vital attributes (statistical and application-based) from user's network traffic, and predict user's contextual location with a very high accuracy. We design and evaluate PACL using real-world network traces of over 1700 users with over 100 gigabytes of total data. Our results show that PACL (built using decision tree) can predict user's contextual location with the accuracy of around 87%.
Article
The demand for Internet services and network resources in educational networks is increasing rapidly. Specifically, the revolution of Web 2.0, also referred to as the "Read-Write Web", has changed the way information is exchanged and distributed. Although Web 2.0 has gained traction in all sectors of the education industry, it results in high traffic loads on networks, which often leads to Internet users' dissatisfaction. Therefore, analyzing Internet traffic becomes an urgent need in order to provide high-quality service and monitor bandwidth usage. In this study, we focus on analyzing the Internet traffic in the Universiti Utara Malaysia (UUM) main campus. We performed measurement analysis from the application-level characteristics based on users' preferences. A total of three methodological steps are carried out to meet the objective of this study, namely data collection, data analysis and data presentation. The findings show that social networks are the most visited web applications in UUM. These findings help facilitate the enhancement of educational network performance and Internet bandwidth strategies.
Data
Internet traffic measurement and analysis has long been used to characterize network usage and user behaviors, but faces the problem of scalability under the explosive growth of Internet traffic and high-speed access. Scalable Internet traffic measurement and analysis is difficult because a large data set requires matching computing and storage resources. Hadoop, an open-source computing platform of MapReduce and a distributed file system, has become a popular infrastructure for massive data analytics because it facilitates scalable data processing and storage services on a distributed computing system consisting of commodity hardware. In this paper, we present a Hadoop-based traffic monitoring system that performs IP, TCP, HTTP, and NetFlow analysis of multi-terabytes of Internet traffic in a scalable manner. From experiments with a 200-node testbed, we achieved 14 Gbps throughput for 5 TB files with IP and HTTP-layer analysis MapReduce jobs. We also explain the performance issues related to traffic analysis MapReduce jobs.
Conference Paper
In this work, we study YouTube traffic characteristics in a medium-sized Swedish residential municipal network that has ~2600 mainly FTTH broadband-connected households. YouTube traffic analyses were carried out from the perspective of video clip category and duration, in order to understand their impact on the potential local network caching gains. To the best of our knowledge, this is the first systematic analysis of YouTube traffic content from the perspective of video clip category and duration in a residential broadband network. Our results show that the YouTube video clips requested by the end users in the studied network were imbalanced with regard to video categories and durations. The dominating video category was Music, both in terms of the total traffic share and the contribution to the overall potential local network caching gain. In addition, most of the requested video clips were between 2-5 min in duration, although video clips with durations over 15 min were also popular among certain video categories, e.g. film videos.
Article
User-Generated Content has become very popular since new web services such as YouTube allow for the distribution of user-produced media content. YouTube-like services are different from existing traditional VoD services in that the service provider has only limited control over the creation of new content. We analyze how content distribution in YouTube is realized and then conduct a measurement study of YouTube traffic in a large university campus network. Based on these measurements, we analyzed the duration and the data rate of streaming sessions, the popularity of videos, and access patterns for video clips from the clients in the campus network. The analysis of the traffic shows that trace statistics are relatively stable over short-term periods while long-term trends can be observed. We demonstrate how synthetic traces can be generated from the measured traces and show how these synthetic traces can be used as inputs to trace-driven simulations. We also analyze the benefits of alternative distribution infrastructures to improve the performance of a YouTube-like VoD service. The results of these simulations show that P2P-based distribution and proxy caching can reduce network traffic significantly and allow for faster access to video clips.
Analysis of a campus-wide wireless network
  • D Kotz
  • K Essien