Nosagie Aghedo
Nosagie Aghedo
  • Home
  • About
  • portfolio
  • Resume
  • CERTIFICATES
  • More
    • Home
    • About
    • portfolio
    • Resume
    • CERTIFICATES
  • Home
  • About
  • portfolio
  • Resume
  • CERTIFICATES

Advanced Packet Sniffer Project

Real-World Context

Problem Statement:
Monitoring network traffic is essential for detecting malicious activities such as unauthorized access, data exfiltration, or DDoS attacks. Traditional packet sniffers lack advanced filtering and logging features.


Solution:
By designing a Python-based advanced packet sniffer that:

  1. Captures live packets on a network.
  2. Filters traffic based on protocol (HTTP, TCP, UDP).
  3. Detects anomalies like suspicious IP addresses or unusually large packet sizes.
  4. Logs traffic data for later analysis.

I was able to solve this problem.


Skills Demonstrated

  • Coding: Python (Scapy, socket, pandas).
  • Networking: Packet capturing and analysis.
  • Intrusion Detection: Traffic anomaly detection.
  • Documentation: Comprehensive technical guide and results log.

  


Project Components

 A. Packet Sniffing Module 

  • Description: Captured live packets using scapy.
  • Features: 
    • Filter protocols (HTTP, TCP, UDP).
    • Log packet source IP, destination IP, protocol type, and size.

    Code Snippet:

               from scapy.all import sniff, IP, TCP, UDP

               def packet_callback(packet):

                      if IP in packet:

                          print(f"Source: {packet[IP].src}, Destination: {packet[IP].dst},

               Protocol: {packet[IP].proto}")

                               with open("packet_log.txt", "a") as log:

                                        log.write(f"{packet.summary()}\n")

              print("Sniffing packets... Press Ctrl+C to stop.")

              sniff(prn=packet_callback, store=0) 


    B. Traffic Anomaly Detection Module

  • Description:      

                    Analyzed captured packets for anomalies like: 

                    High data transfer volume.

                    Traffic from suspicious IP addresses. Code Snippet:            import pandas as pd            def analyze_traffic(log_file):                    df = pd.read_csv(log_file, names=["Summary"])                    print("Analyzing traffic for anomalies...")                    print(df.head()) # Perform IP address analysis or anomaly detection 
C. Output & Results

  • Real-time packet capture displayed in the console.
  • Log file storing all packets for analysis.
  • Flagged anomalies (e.g., large packet sizes).


Documentation

  • README: 
    • Project Setup (dependencies: scapy, pandas).
    • Use Cases: Detect unusual network traffic or monitor specific protocols.


  • Report: 
    • Introduction to packet sniffing.
    • Key results: Captured traffic samples, anomaly detection outcomes.

Copyright © 2024 Nosagie

  • Privacy Policy

This website uses cookies.

We use cookies to analyze website traffic and optimize your website experience. By accepting our use of cookies, your data will be aggregated with all other user data.

DeclineAccept