Abstract
Traffic visualization tools help network operators to maintain awareness of the status of a network, including anomalous activities. Unfortunately, the network operator may look away from the visualizer when beginning network forensics, such as launching a terminal application, logging into a server, and analyzing log files. Thus, the eyesight of the network operator will move from the visual screen even if valuable information is displayed. Our motivation is to develop the ability to use visualization tools as a network operation console. Whereas previous tools focused on outputting packet information, we herein extend the visualizer to accept inputting for operators to start their operations. Since little such software exists for our intent, we develop PACKTER, which is able to visualize traffic based on per-packet information in real time. We also extend PACKTER to have a function of negotiating to a network forensic system, which allows the operator to select an individual packet using a mouse, to start network forensics using a keyboard, and to receive results without looking away from the PACKTER viewer.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
References
InterTrack (2009) IP traceback : a mechanism to find attack paths. Available at: http://www.intertrack.naist.jp/
Project Packter (2008) PACKTER: a multi purpose traffic visualizer. Available at: http://www.packter.net/index_e.html
Author information
Authors and Affiliations
Corresponding author
Additional information
First IMC Workshop on Internet Visualization (WIV 2012), November 13, 2012, Boston, Massachusetts, USA.
Rights and permissions
About this article
Cite this article
Miyamoto, D., Iimura, T. PACKTER: implementation of internet traffic visualizer and extension for network forensics. Computing 96, 79–80 (2014). https://doi.org/10.1007/s00607-013-0289-1
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s00607-013-0289-1