PACKTER: implementation of internet traffic visualizer and extension for network forensics

Abstract

Traffic visualization tools help network operators maintain awareness of the status of a network, including anomalous activities. Unfortunately, the operator may look away from the visualizer when beginning network forensics, for example to launch a terminal application, log into a server, and analyze log files. The operator's eyes therefore leave the visualization screen even while valuable information is displayed. Our motivation is to make visualization tools usable as a network operation console. Whereas previous tools focused on outputting packet information, we extend the visualizer to accept input so that operators can start their operations from it. Since little software exists for this purpose, we developed PACKTER, which visualizes traffic based on per-packet information in real time. We also extend PACKTER with a function for negotiating with a network forensic system, which allows the operator to select an individual packet using a mouse, start network forensics using a keyboard, and receive the results without looking away from the PACKTER viewer.

Author information

Corresponding author

Correspondence to Daisuke Miyamoto.

Additional information

First IMC Workshop on Internet Visualization (WIV 2012), November 13, 2012, Boston, Massachusetts, USA.

About this article

Cite this article

Miyamoto, D., Iimura, T. PACKTER: implementation of internet traffic visualizer and extension for network forensics. Computing 96, 79–80 (2014). https://doi.org/10.1007/s00607-013-0289-1

  • DOI: https://doi.org/10.1007/s00607-013-0289-1

Keywords

  • Network forensic
  • IP traceback
  • Traffic visualization

Mathematics Subject Classification

  • 68U35