Modern ağ trafiği analizi için derin paket incelemesi hakkında kapsamlı bir çalışma: sorunlar ve zorluklar

Çelebi, Merve; ÖZBİLEN, Alper; Yavanoğlu, Uraz

doi:10.28948/ngumuh.1184020

Cited by 2 publications

(3 citation statements)

References 165 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Initially, TCP/IP header attacks were relatively simple, often involving basic techniques like IP spoofing or SYN flooding. These attacks primarily targeted vulnerabilities in the TCP/IP protocol stack, exploiting weaknesses in packet header fields to disrupt network communications or compromise system integrity [34]- [37]. As network security measures improved, attackers adapted by developing more sophisticated methods to evade detection and bypass security controls.…”

Section: Figure 2 Tcp Headermentioning

confidence: 99%

Survey on evolving threats in TCP/IP header attacks: Emerging trends and future directions

Winnie Owoko

2024

World J. Adv. Eng. Technol. Sci.

View full text Add to dashboard Cite

The TCP/IP protocol suite, a cornerstone of modern networking, faces escalating threats from evolving attack vectors targeting its headers. This survey explores emerging trends in TCP/IP header attacks, assessing their potential impact and outlining future directions for defense strategies. By scrutinizing recent research and real-world incidents, the paper aims to offer insights into the evolving threat landscape and provide recommendations for enhancing network security. Key areas of investigation include the historical evolution of TCP/IP header vulnerabilities, the adaptation of attackers' techniques over time, and the development of novel defense mechanisms to counteract these threats. The survey underscores the critical importance of understanding TCP/IP header attacks in contemporary cybersecurity and highlights the necessity for proactive measures to safeguard network infrastructures. By addressing the challenges posed by evolving TCP/IP header attacks and identifying areas for further research and development, this survey contributes to the ongoing efforts to strengthen network defenses and mitigate the risks associated with cyber threats targeting TCP/IP protocols.

show abstract

Section: Figure 2 Tcp Headermentioning

confidence: 99%

Survey on evolving threats in TCP/IP header attacks: Emerging trends and future directions

Winnie Owoko

2024

World J. Adv. Eng. Technol. Sci.

View full text Add to dashboard Cite

show abstract

“…Но всегда оставался класс задач, которые решались только протокольным декодированием. Это задачи, в которых важна высокая точность распознавания протоколов или их признаков, с небольшим количеством ложных срабатываний [10]. Кроме того, с ростом возможностей вычислительной техники проводить более "глубокий" анализ стало проще, что позволило как решать задачи в большем числе случаев, так и решать всё более сложные задачи.…”

Section: применение анализа сетевого трафикаunclassified

“…В[10] выделяют 4 метода реализации функций глубокого анализа трафика:  Классификация пакетов по портам L4.…”

unclassified

Challenges in the implementation of systems for deep packet inspection by the method of full protocol decoding

Ponomarenko,

Egorov,

Getman

2023

Proceedings of ISP RAS

View full text Add to dashboard Cite

This paper presents a summary of experience in developing the deep packet inspection system using full protocol decoding. The paper reviews the challenges encountered during implementation and provides a high-level overview of the solutions to these issues. The challenges can be grouped into two groups. The first group is related to the fundamental tasks which must be addressed when implementing full protocol decoding systems. This includes ensuring correct protocol parsing, which involves identifying and interpreting protocol headers and fields correctly. Moreover, it is necessary to ensure the processing of fragmented packets and the assembly of fragments into the original message. Additionally, the processing and analysis of encrypted traffic is a crucial task that may require the use of specialized algorithms and tools. The second group of problems is related to optimizing the process of full protocol decoding to ensure high-speed traffic processing, as well as supporting new protocols and the ability to add user-defined extensions. While there are open-source systems that address some of the primary issues associated with full protocol decoding, there may be a need for additional effort and specialized solutions to efficiently operate and expand the functionality of such systems. Although implementing deep network traffic analysis tools using full protocol decoding requires the use of advanced hardware and software technologies, the benefits of such analysis are significant. This approach provides a more complete understanding of network traffic patterns and enables more effective detection and prevention of cyber-attacks. It also allows for more accurate monitoring of network performance and the identification of potential bottlenecks or other issues that may impact network efficiency. In this article, we also emphasize the importance of system architecture development and implementation to ensure the successful deployment of deep network traffic analysis tools using full protocol decoding. At last, we conducted an experiment where several advanced optimizations were implemented in the system that had already solved primary issues. These optimizations related to working with memory, based on the features of the traffic processing scheme. By results, we evaluated significant performance improvement in solving secondary tasks, described in this work.

show abstract

Modern ağ trafiği analizi için derin paket incelemesi hakkında kapsamlı bir çalışma: sorunlar ve zorluklar

Cited by 2 publications

References 165 publications

Survey on evolving threats in TCP/IP header attacks: Emerging trends and future directions

Survey on evolving threats in TCP/IP header attacks: Emerging trends and future directions

Challenges in the implementation of systems for deep packet inspection by the method of full protocol decoding

Contact Info

Product

Resources

About