Отправить статью по E-mail Data representation model for in-depth analysis of network traffic
- Авторы: Get’man I.1, Ivannikov V.P.1,2,3,4, Markin Y.V.1, Padaryan V.A.1,2, Tikhonov A.Y.1
-
Учреждения:
- Institute for System Programming
- Moscow State University
- Moscow Institute of Physics and Technology
- National Research University Higher School of Economics
- Выпуск: Том 42, № 5 (2016)
- Страницы: 316-323
- Раздел: Article
- URL: https://journals.rcsi.science/0361-7688/article/view/176452
- DOI: https://doi.org/10.1134/S0361768816050030
- ID: 176452
Цитировать
Открытый доступ
Доступ предоставлен
Только для подписчиков
Аннотация
This paper proposes a new object model of data for the in-depth analysis of network traffic. In contrast to the model used by most modern network analyzers (for example, Wireshark and Snort), the proposed model supports data stream reassembling with subsequent parsing. The model also provides a convenient universal mechanism for binding parsers, thus making it possible to develop completely independent parsers. Moreover, the proposed model allows processing modified—compressed or encrypted—data. This model forms the basis of the infrastructure for the in-depth analysis of network traffic.
Об авторах
I. Get’man
Institute for System Programming
Автор, ответственный за переписку.
Email: thorin@ispras.ru
Россия, ul. Solzhenitsyna 25, Moscow, 109004
V. Ivannikov
Institute for System Programming; Moscow State University; Moscow Institute of Physics and Technology; National Research University Higher School of Economics
Email: thorin@ispras.ru
Россия, ul. Solzhenitsyna 25, Moscow, 109004; Moscow, 119991; Institutskii per. 9, Dolgoprudnyi, Moscow oblast, 141700; ul. Myasnitskaya 20, Moscow, 101000
Yu. Markin
Institute for System Programming
Email: thorin@ispras.ru
Россия, ul. Solzhenitsyna 25, Moscow, 109004
V. Padaryan
Institute for System Programming; Moscow State University
Email: thorin@ispras.ru
Россия, ul. Solzhenitsyna 25, Moscow, 109004; Moscow, 119991
A. Tikhonov
Institute for System Programming
Email: thorin@ispras.ru
Россия, ul. Solzhenitsyna 25, Moscow, 109004
Дополнительные файлы
