Capability of Wireshark as Intrusion Detection System
Sakshi Singh1, Suresh Kumar2
1Sakshi Singh*, Department of CSE, Ambedkar Institute of Advanced Communication Technologies & Research, Delhi (India).
2Dr. Suresh Kumar, Department of CSE, Ambedkar Institute of Advanced Communication Technologies & Research, Delhi (India).
Manuscript received on January 05, 2020. | Revised Manuscript received on January 25, 2020. | Manuscript published on January 30, 2020. | PP: 4574-4578 | Volume-8 Issue-5, January 2020. | Retrieval Number: E6763018520/2020©BEIESP | DOI: 10.35940/ijrte.E6763.018520
© The Authors. Blue Eyes Intelligence Engineering and Sciences Publication (BEIESP). This is an open access article under the CC-BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/)
Abstract: Networks have grown very rapidly in the modern world. Our day-to-day life depends mostly on the internet, whether for education, banking, research, business, journalism or many other purposes. This dependency also leads to various types of intrusions. To identify intrusions on the grid, the system must have a detection engine that can detect intrusions automatically without any human intervention. Wireshark is an important tool for the analysis of network packets, but it lacks an intrusion detection feature. In this paper, we show that Wireshark can be considered not only a troubleshooting tool, network analyzer, protocol analyzer and packet sniffer but also a network intrusion detection tool, because a user with appropriate knowledge of attacks and data packets can easily identify an attack by observing specific data packet patterns. An attack pattern dictionary will be created, against which captured live data packets will be manually mapped in order to detect intrusions. We will also identify various attacks captured by Wireshark using this process.
Keywords: Attacks, Attack Pattern Dictionary, Intrusion, Intrusion Detection, Wireshark.
Scope of the Article: Cloud Computing,