Traffic Analysis of Statistics based on Internet Application Services

인터넷 응용 서비스의 통계에 근거한 트래픽 분석

  • 정태수 (한국전자통신연구원) ;
  • 최진섭 (안동대학교 공과대학 전자정보산업학) ;
  • 정중수 (안동대학교 공과대학 전자정보산업학) ;
  • 김정태 (목원대학교 공과대학 전자정보보호공학) ;
  • 김대영 (충남대학교 정보통신공학부)
  • Published : 2004.08.01

Abstract

A number of Internet application services are used with the development of Internet backbone nowadays. Well-known services such as WWW, ]n, email are provided at first time. Tremendous unwell-known services are presented according to the demands of various contents. After analyzing PDU information of the packet using unwell-known port travelling on the internet, searching internet service type and its statistical data is provided with internet traffic analyst as very useful information. This paper presents the mechanism to extract the internet application services operated on (un)well-known port of UDP or TCP used occasionally through netflow and tcpdump method introduced by ethereal and the operation scheme of the service. Afterwards to get the detailed statistics of the analyzed application service, the agent and the server environment, the agent gathering raw data traffics and the server adapting the traffic received from the agent BNF(Backus-Naur Form) method, is also introduced. Adapting the presented mechanism eve. LAN of Andong national university, the internet traffic service type and the detailed statistics of the analyzed application services which provides with internet traffic analyst are presented as very useful information.

References

  1. 'Sniffer_Pro Protocol Analyzer User manual', http://www.snifferpro.com
  2. 'pA100 Protocol Analyzer User manual', C&C 인스투루먼트, 2000, http://www.cncinst.com
  3. EtherealProtocol Analyzer User manual', http://www.ethereal.com
  4. 'rfc 1700: Assigned Number', http://www.iana.com
  5. http://www.caida.org
  6. http://www.tcpdump.org
  7. rfc2234: Augmented BNF for Syntax Specification: ABNF'