DOI: 10.14569/IJACSA.2016.070228

A New Hybrid Network Sniffer Model Based on Pcap Language and Sockets (Pcapsocks)

Author 1: Azidine GUEZZAZ
Author 2: Ahmed ASIMI
Author 3: Yassine SADQI
Author 4: Younes ASIMI
Author 5: Zakariae TBATOU

International Journal of Advanced Computer Science and Applications(IJACSA), Volume 7 Issue 2, 2016.

Abstract: Nowadays, the protection and the security of data transited within computer networks represent a real challenge for developers of computer applications and network administrators. The Intrusion Detection System and Intrusion Prevention System are the reliable techniques for a Good security. Any detected intrusion is based on data collection. So, the collection of an important and significant traffic on the monitored systems is an interesting feature. Thus, the first task of Intrusion Detection System and Intrusion Prevention System is to collect information’s basis to treat and analyze them, and to make accurate decisions. Network analysis can be used to improve networks performances and their security, but it can also be used for malicious tasks. Our main goal in this article is to design a reliable and powerful network sniffer, called PcapSockS, based on pcap language and sockets, able to intercept traffic in three modes: connected, connectionless and raw mode. We start with the performances assessment performed on a list of most expanded and most recently used network sniffers. The study will be completed by a classification of these sniffers related to computer security objectives based on parameters library (libpcap/winpcap or libnet), filtering, availability, software or hardware, alert and real time. The PcapSockS provides a nice performance integrating reliable sniffing mechanisms that allow a supervision taking into account some low and high-level protocols for TCP and UDP network communications.

Keywords: Network Security; Intrusion Detection; Intrusion Prevention; Sniffing; Filtering; Network sniffer; Libpcap; Libnet; Sockets

Azidine GUEZZAZ, Ahmed ASIMI, Yassine SADQI, Younes ASIMI and Zakariae TBATOU, “A New Hybrid Network Sniffer Model Based on Pcap Language and Sockets (Pcapsocks)” International Journal of Advanced Computer Science and Applications(IJACSA), 7(2), 2016. http://dx.doi.org/10.14569/IJACSA.2016.070228

@article{GUEZZAZ2016,
title = {A New Hybrid Network Sniffer Model Based on Pcap Language and Sockets (Pcapsocks)},
journal = {International Journal of Advanced Computer Science and Applications},
doi = {10.14569/IJACSA.2016.070228},
url = {http://dx.doi.org/10.14569/IJACSA.2016.070228},
year = {2016},
publisher = {The Science and Information Organization},
volume = {7},
number = {2},
author = {Azidine GUEZZAZ and Ahmed ASIMI and Yassine SADQI and Younes ASIMI and Zakariae TBATOU}
}


Copyright Statement: This is an open access article licensed under a Creative Commons Attribution 4.0 International License, which permits unrestricted use, distribution, and reproduction in any medium, even commercially as long as the original work is properly cited.

IJACSA

Upcoming Conferences

IntelliSys 2025

28-29 August 2025

Future Technologies Conference 2025

6-7 November 2025

Healthcare Conference 2026

21-22 May 2026

Computing Conference 2026

9-10 July 2026

IntelliSys 2026

3-4 September 2026

Computer Vision Conference 2026

15-16 October 2026