SlideShare a Scribd company logo

Network Security and Analysis with Python

pycontw
pycontw

Using Python, the author has developed a program that learns about protocol formats, with the main goal in being useful for Deep Packet Inspection. Deep Packet Inspection is a process mainly used in network security to ensure integrity of network data sent across the network. Deep Packet Inspection is used to pre-empt and prevent malicious data from being transmitted over a network in order to ensure the security of the organization. http://tw.pycon.org/2015apac/en/lightning_en

Technology
1 of 37
Download to read offline
NETWORK SECURITY AND ANALYSIS WITH PYTHON Lee Yang Peng Dunman High School Singapore
DEEP Packet Inspection Searching if anything in the packet is suspicious
ANALYTICS Motivation: Helping Deep Packet Inspection An initial experimental study Then I conducted experiments on them to determine their effectiveness
HEURISTICS FOR ANALYTICS Detecting Constant Fields and Enumeration fields to learn about protocol format Constant: Bytes that do not change data in all packets in a single protocol.  For example: {‘x00’} appears all the time. Or {‘x00’, ‘x01’, ‘x02’} in sequence Enums: Bytes at fixed positions that changes only slightly or has a limited number of values.  For example: At position 5, only contains values within {‘x00’, ‘x01’, ‘x02’}
Constant fields in protocol headers: Maybe… Paddings Protocol Version Reserved Fields
Where pi is the probability of each value occurring
13 May 2015
Ethernet TCP UDP IPv4 IPv6 ICMP IGMP(v3) ARP SMB NBNS LLMNR DNS SCTP OSPF
Contagio: http://contagiodump.blogspot.sg/
• Collected data unable to simulate randomness of a real network • False positives will be observed • For consistency, will mark these as incorrect during my evaluation
• Manual analysis of the protocol header was compared against ground truth from protocol documentation • Mark every byte in protocol header as {Constant, Not Constant}, and {Enum, Not Enum} • Accuracy = (True Positives + True Negatives) / Total Header Length • Entered these data into a table
Protocol Accuracy (Constants) Accuracy (Enums) TCP 100% 95% IPv4 90% 95% Ethernet 100% 100% IPv6 97.5% 92.5% DNS / NetBIOS-NS / LLMNR 41.7% 91.6% ARP 50.0% 62.5% ICMP 100% 100% UDP 100% 100% OSPF 30% 80% IGMP Version 3 50% 62.5% SCTP 100% 100% SMB 62.5% 84.4% Average Accuracy 76.8% 88.6%
LIMITATIONS • Is only useful for analyzing a single protocol • Heuristics to detect higher level fields such as dependencies and sequence numbers are not yet implemented
Network Security and Analysis with Python

Recommended

CVPRW2015
CVPRW2015CVPRW2015
CVPRW2015Thomas Effland
 
A probabilistic data encryption scheme (pdes)
A probabilistic data encryption scheme (pdes)A probabilistic data encryption scheme (pdes)
A probabilistic data encryption scheme (pdes)Alexander Decker
 
maXbox Starter 31 Closures
maXbox Starter 31 ClosuresmaXbox Starter 31 Closures
maXbox Starter 31 ClosuresMax Kleiner
 
Secure ordered bucketization
Secure ordered bucketizationSecure ordered bucketization
Secure ordered bucketizationShakas Technologies
 
SummaRuNNer: A Recurrent Neural Network based Sequence Model for Extractive ...
SummaRuNNer: A Recurrent Neural Network based Sequence Model for Extractive ... SummaRuNNer: A Recurrent Neural Network based Sequence Model for Extractive ...
SummaRuNNer: A Recurrent Neural Network based Sequence Model for Extractive ...Shubhangi Tandon
 
a performance analysis of generalized key scheme block cipher (gksbc) algorit...
a performance analysis of generalized key scheme block cipher (gksbc) algorit...a performance analysis of generalized key scheme block cipher (gksbc) algorit...
a performance analysis of generalized key scheme block cipher (gksbc) algorit...INFOGAIN PUBLICATION
 
Ciphers
CiphersCiphers
Ciphersphanleson
 
Introduction to Python for Security Professionals
Introduction to Python for Security ProfessionalsIntroduction to Python for Security Professionals
Introduction to Python for Security ProfessionalsAndrew McNicol
 

Recommended

CVPRW2015
CVPRW2015CVPRW2015
CVPRW2015Thomas Effland
 
A probabilistic data encryption scheme (pdes)
A probabilistic data encryption scheme (pdes)A probabilistic data encryption scheme (pdes)
A probabilistic data encryption scheme (pdes)Alexander Decker
 
maXbox Starter 31 Closures
maXbox Starter 31 ClosuresmaXbox Starter 31 Closures
maXbox Starter 31 ClosuresMax Kleiner
 
Secure ordered bucketization
Secure ordered bucketizationSecure ordered bucketization
Secure ordered bucketizationShakas Technologies
 
SummaRuNNer: A Recurrent Neural Network based Sequence Model for Extractive ...
SummaRuNNer: A Recurrent Neural Network based Sequence Model for Extractive ... SummaRuNNer: A Recurrent Neural Network based Sequence Model for Extractive ...
SummaRuNNer: A Recurrent Neural Network based Sequence Model for Extractive ...Shubhangi Tandon
 
a performance analysis of generalized key scheme block cipher (gksbc) algorit...
a performance analysis of generalized key scheme block cipher (gksbc) algorit...a performance analysis of generalized key scheme block cipher (gksbc) algorit...
a performance analysis of generalized key scheme block cipher (gksbc) algorit...INFOGAIN PUBLICATION
 
Ciphers
CiphersCiphers
Ciphersphanleson
 
Introduction to Python for Security Professionals
Introduction to Python for Security ProfessionalsIntroduction to Python for Security Professionals
Introduction to Python for Security ProfessionalsAndrew McNicol
 
Python build your security tools.pdf
Python build your security tools.pdfPython build your security tools.pdf
Python build your security tools.pdfTECHNOLOGY CONTROL CO.
 
Python for Penetration testers
Python for Penetration testersPython for Penetration testers
Python for Penetration testersChristian Martorella
 
شهادات سيسكو الإحترافية
شهادات سيسكو الإحترافيةشهادات سيسكو الإحترافية
شهادات سيسكو الإحترافيةEldaw Ali Yousif
 
Atm hacking and cracking to steal money with atm backdoor default master pass...
Atm hacking and cracking to steal money with atm backdoor default master pass...Atm hacking and cracking to steal money with atm backdoor default master pass...
Atm hacking and cracking to steal money with atm backdoor default master pass...FREDDY KEKANA
 
CapAnalysis - Deep Packet Inspection
CapAnalysis - Deep Packet InspectionCapAnalysis - Deep Packet Inspection
CapAnalysis - Deep Packet InspectionChris Harrington
 
Introduction to Malware Analysis
Introduction to Malware AnalysisIntroduction to Malware Analysis
Introduction to Malware AnalysisAndrew McNicol
 
Introduction to Penetration Testing
Introduction to Penetration TestingIntroduction to Penetration Testing
Introduction to Penetration TestingAndrew McNicol
 
Snake bites : Python for Pentesters
Snake bites : Python for PentestersSnake bites : Python for Pentesters
Snake bites : Python for PentestersAnant Shrivastava
 
Python Cryptography & Security
Python Cryptography & SecurityPython Cryptography & Security
Python Cryptography & SecurityJose Manuel Ortega Candel
 
OSINT tools for security auditing with python
OSINT tools for security auditing with pythonOSINT tools for security auditing with python
OSINT tools for security auditing with pythonJose Manuel Ortega Candel
 
Penetration testing using python
Penetration testing using pythonPenetration testing using python
Penetration testing using pythonPurna Chander K
 
Operations security - SyPy Dec 2014 (Sydney Python users)
Operations security - SyPy Dec 2014 (Sydney Python users)Operations security - SyPy Dec 2014 (Sydney Python users)
Operations security - SyPy Dec 2014 (Sydney Python users)Mikko Ohtamaa
 
اسلاید دوم جلسه یازدهم کلاس پایتون برای هکر های قانونی
اسلاید دوم جلسه یازدهم کلاس پایتون برای هکر های قانونیاسلاید دوم جلسه یازدهم کلاس پایتون برای هکر های قانونی
اسلاید دوم جلسه یازدهم کلاس پایتون برای هکر های قانونیMohammad Reza Kamalifard
 
Evdokimov python arsenal for re
Evdokimov python arsenal for reEvdokimov python arsenal for re
Evdokimov python arsenal for reDefconRussia
 
Python tools for testing web services over HTTP
Python tools for testing web services over HTTPPython tools for testing web services over HTTP
Python tools for testing web services over HTTPMykhailo Kolesnyk
 
Le pentest face au droit - Cyber@Hack 2015
Le pentest face au droit - Cyber@Hack 2015Le pentest face au droit - Cyber@Hack 2015
Le pentest face au droit - Cyber@Hack 2015Benjamin Benifei
 
Stegano Secrets - Python
Stegano Secrets - PythonStegano Secrets - Python
Stegano Secrets - Pythonn|u - The Open Security Community
 
Pycon Sec
Pycon SecPycon Sec
Pycon Secguesta762e4
 
Denoising auto encoders(d a)
Denoising auto encoders(d a)Denoising auto encoders(d a)
Denoising auto encoders(d a)Tae Young Lee
 
Protecting confidential files using SE-Linux
Protecting confidential files using SE-LinuxProtecting confidential files using SE-Linux
Protecting confidential files using SE-LinuxGiuseppe Paterno'
 
A Critical Reassessment of Evolutionary Algorithms on the Cryptanalysis of th...
A Critical Reassessment of Evolutionary Algorithms on the Cryptanalysis of th...A Critical Reassessment of Evolutionary Algorithms on the Cryptanalysis of th...
A Critical Reassessment of Evolutionary Algorithms on the Cryptanalysis of th...ijcisjournal
 
A critical reassessment of
A critical reassessment ofA critical reassessment of
A critical reassessment ofijcisjournal
 

More Related Content

Viewers also liked

شهادات سيسكو الإحترافية
شهادات سيسكو الإحترافيةشهادات سيسكو الإحترافية
شهادات سيسكو الإحترافيةEldaw Ali Yousif
 
Atm hacking and cracking to steal money with atm backdoor default master pass...
Atm hacking and cracking to steal money with atm backdoor default master pass...Atm hacking and cracking to steal money with atm backdoor default master pass...
Atm hacking and cracking to steal money with atm backdoor default master pass...FREDDY KEKANA
 
CapAnalysis - Deep Packet Inspection
CapAnalysis - Deep Packet InspectionCapAnalysis - Deep Packet Inspection
CapAnalysis - Deep Packet InspectionChris Harrington
 
Introduction to Malware Analysis
Introduction to Malware AnalysisIntroduction to Malware Analysis
Introduction to Malware AnalysisAndrew McNicol
 
Introduction to Penetration Testing
Introduction to Penetration TestingIntroduction to Penetration Testing
Introduction to Penetration TestingAndrew McNicol
 
Snake bites : Python for Pentesters
Snake bites : Python for PentestersSnake bites : Python for Pentesters
Snake bites : Python for PentestersAnant Shrivastava
 
OSINT tools for security auditing with python
OSINT tools for security auditing with pythonOSINT tools for security auditing with python
OSINT tools for security auditing with pythonJose Manuel Ortega Candel
 
Penetration testing using python
Penetration testing using pythonPenetration testing using python
Penetration testing using pythonPurna Chander K
 
Operations security - SyPy Dec 2014 (Sydney Python users)
Operations security - SyPy Dec 2014 (Sydney Python users)Operations security - SyPy Dec 2014 (Sydney Python users)
Operations security - SyPy Dec 2014 (Sydney Python users)Mikko Ohtamaa
 
اسلاید دوم جلسه یازدهم کلاس پایتون برای هکر های قانونی
اسلاید دوم جلسه یازدهم کلاس پایتون برای هکر های قانونیاسلاید دوم جلسه یازدهم کلاس پایتون برای هکر های قانونی
اسلاید دوم جلسه یازدهم کلاس پایتون برای هکر های قانونیMohammad Reza Kamalifard
 
Evdokimov python arsenal for re
Evdokimov python arsenal for reEvdokimov python arsenal for re
Evdokimov python arsenal for reDefconRussia
 
Python tools for testing web services over HTTP
Python tools for testing web services over HTTPPython tools for testing web services over HTTP
Python tools for testing web services over HTTPMykhailo Kolesnyk
 
Le pentest face au droit - Cyber@Hack 2015
Le pentest face au droit - Cyber@Hack 2015Le pentest face au droit - Cyber@Hack 2015
Le pentest face au droit - Cyber@Hack 2015Benjamin Benifei
 
Denoising auto encoders(d a)
Denoising auto encoders(d a)Denoising auto encoders(d a)
Denoising auto encoders(d a)Tae Young Lee
 
Protecting confidential files using SE-Linux
Protecting confidential files using SE-LinuxProtecting confidential files using SE-Linux
Protecting confidential files using SE-LinuxGiuseppe Paterno'
 

Viewers also liked (20)

Python build your security tools.pdf
Python build your security tools.pdfPython build your security tools.pdf
Python build your security tools.pdf
 
Python for Penetration testers
Python for Penetration testersPython for Penetration testers
Python for Penetration testers
 
شهادات سيسكو الإحترافية
شهادات سيسكو الإحترافيةشهادات سيسكو الإحترافية
شهادات سيسكو الإحترافية
 
Atm hacking and cracking to steal money with atm backdoor default master pass...
Atm hacking and cracking to steal money with atm backdoor default master pass...Atm hacking and cracking to steal money with atm backdoor default master pass...
Atm hacking and cracking to steal money with atm backdoor default master pass...
 
CapAnalysis - Deep Packet Inspection
CapAnalysis - Deep Packet InspectionCapAnalysis - Deep Packet Inspection
CapAnalysis - Deep Packet Inspection
 
Introduction to Malware Analysis
Introduction to Malware AnalysisIntroduction to Malware Analysis
Introduction to Malware Analysis
 
Introduction to Penetration Testing
Introduction to Penetration TestingIntroduction to Penetration Testing
Introduction to Penetration Testing
 
Snake bites : Python for Pentesters
Snake bites : Python for PentestersSnake bites : Python for Pentesters
Snake bites : Python for Pentesters
 
Python Cryptography & Security
Python Cryptography & SecurityPython Cryptography & Security
Python Cryptography & Security
 
OSINT tools for security auditing with python
OSINT tools for security auditing with pythonOSINT tools for security auditing with python
OSINT tools for security auditing with python
 
Penetration testing using python
Penetration testing using pythonPenetration testing using python
Penetration testing using python
 
Operations security - SyPy Dec 2014 (Sydney Python users)
Operations security - SyPy Dec 2014 (Sydney Python users)Operations security - SyPy Dec 2014 (Sydney Python users)
Operations security - SyPy Dec 2014 (Sydney Python users)
 
اسلاید دوم جلسه یازدهم کلاس پایتون برای هکر های قانونی
اسلاید دوم جلسه یازدهم کلاس پایتون برای هکر های قانونیاسلاید دوم جلسه یازدهم کلاس پایتون برای هکر های قانونی
اسلاید دوم جلسه یازدهم کلاس پایتون برای هکر های قانونی
 
Evdokimov python arsenal for re
Evdokimov python arsenal for reEvdokimov python arsenal for re
Evdokimov python arsenal for re
 
Python tools for testing web services over HTTP
Python tools for testing web services over HTTPPython tools for testing web services over HTTP
Python tools for testing web services over HTTP
 
Le pentest face au droit - Cyber@Hack 2015
Le pentest face au droit - Cyber@Hack 2015Le pentest face au droit - Cyber@Hack 2015
Le pentest face au droit - Cyber@Hack 2015
 
Stegano Secrets - Python
Stegano Secrets - PythonStegano Secrets - Python
Stegano Secrets - Python
 
Pycon Sec
Pycon SecPycon Sec
Pycon Sec
 
Denoising auto encoders(d a)
Denoising auto encoders(d a)Denoising auto encoders(d a)
Denoising auto encoders(d a)
 
Protecting confidential files using SE-Linux
Protecting confidential files using SE-LinuxProtecting confidential files using SE-Linux
Protecting confidential files using SE-Linux
 

Similar to Network Security and Analysis with Python

A Critical Reassessment of Evolutionary Algorithms on the Cryptanalysis of th...
A Critical Reassessment of Evolutionary Algorithms on the Cryptanalysis of th...A Critical Reassessment of Evolutionary Algorithms on the Cryptanalysis of th...
A Critical Reassessment of Evolutionary Algorithms on the Cryptanalysis of th...ijcisjournal
 
A critical reassessment of
A critical reassessment ofA critical reassessment of
A critical reassessment ofijcisjournal
 
Utilisation of l-Diversity and Differential Privacy in the Anonymisation of N...
Utilisation of l-Diversity and Differential Privacy in the Anonymisation of N...Utilisation of l-Diversity and Differential Privacy in the Anonymisation of N...
Utilisation of l-Diversity and Differential Privacy in the Anonymisation of N...Shankar Lal
 
Smith et al. - Efficient auditory coding (Nature 2006)
Smith et al. - Efficient auditory coding (Nature 2006)Smith et al. - Efficient auditory coding (Nature 2006)
Smith et al. - Efficient auditory coding (Nature 2006)xrampino
 

Similar to Network Security and Analysis with Python (6)

A Critical Reassessment of Evolutionary Algorithms on the Cryptanalysis of th...
A Critical Reassessment of Evolutionary Algorithms on the Cryptanalysis of th...A Critical Reassessment of Evolutionary Algorithms on the Cryptanalysis of th...
A Critical Reassessment of Evolutionary Algorithms on the Cryptanalysis of th...
 
A critical reassessment of
A critical reassessment ofA critical reassessment of
A critical reassessment of
 
HPC_NIST_SHA3
HPC_NIST_SHA3HPC_NIST_SHA3
HPC_NIST_SHA3
 
Huffman Coding
Huffman CodingHuffman Coding
Huffman Coding
 
Utilisation of l-Diversity and Differential Privacy in the Anonymisation of N...
Utilisation of l-Diversity and Differential Privacy in the Anonymisation of N...Utilisation of l-Diversity and Differential Privacy in the Anonymisation of N...
Utilisation of l-Diversity and Differential Privacy in the Anonymisation of N...
 
Smith et al. - Efficient auditory coding (Nature 2006)
Smith et al. - Efficient auditory coding (Nature 2006)Smith et al. - Efficient auditory coding (Nature 2006)
Smith et al. - Efficient auditory coding (Nature 2006)
 

More from pycontw

Python on FreeBSD
Python on FreeBSDPython on FreeBSD
Python on FreeBSDpycontw
 
讓 Python Script 擁有圖形化介面的簡單方法
讓 Python Script 擁有圖形化介面的簡單方法讓 Python Script 擁有圖形化介面的簡單方法
讓 Python Script 擁有圖形化介面的簡單方法pycontw
 
CyberLink Meets Python
CyberLink Meets PythonCyberLink Meets Python
CyberLink Meets Pythonpycontw
 
PyKinect: Body Iteration Application Development Using Python
PyKinect: Body Iteration Application Development Using PythonPyKinect: Body Iteration Application Development Using Python
PyKinect: Body Iteration Application Development Using Pythonpycontw
 
Developing Python Apps on Windows Azure
Developing Python Apps on Windows AzureDeveloping Python Apps on Windows Azure
Developing Python Apps on Windows Azurepycontw
 
Qt Quick GUI Programming with PySide
Qt Quick GUI Programming with PySideQt Quick GUI Programming with PySide
Qt Quick GUI Programming with PySidepycontw
 
STAF 在自動化測試上的延伸應用 -- TMSTAF (TrendMicro STAF)
STAF 在自動化測試上的延伸應用 -- TMSTAF (TrendMicro STAF)STAF 在自動化測試上的延伸應用 -- TMSTAF (TrendMicro STAF)
STAF 在自動化測試上的延伸應用 -- TMSTAF (TrendMicro STAF)pycontw
 
Grid Job Management
Grid Job ManagementGrid Job Management
Grid Job Managementpycontw
 
Small Python Tools for Software Release Engineering
Small Python Tools for Software Release EngineeringSmall Python Tools for Software Release Engineering
Small Python Tools for Software Release Engineeringpycontw
 
Python and Startup
Python and StartupPython and Startup
Python and Startuppycontw
 
Panoramic Video in Environmental Monitoring Software Development and Applica...
Panoramic Video in Environmental Monitoring Software Development and Applica...Panoramic Video in Environmental Monitoring Software Development and Applica...
Panoramic Video in Environmental Monitoring Software Development and Applica...pycontw
 
那些年 Python 攻佔了 GIS / The Year Python Takes Over GIS
那些年 Python 攻佔了 GIS / The Year Python Takes Over GIS那些年 Python 攻佔了 GIS / The Year Python Takes Over GIS
那些年 Python 攻佔了 GIS / The Year Python Takes Over GISpycontw
 
Introduction to Discrete-Event Simulation Using SimPy
Introduction to Discrete-Event Simulation Using SimPyIntroduction to Discrete-Event Simulation Using SimPy
Introduction to Discrete-Event Simulation Using SimPypycontw
 
Python and the Web
Python and the WebPython and the Web
Python and the Webpycontw
 
Large-scale Array-oriented Computing with Python
Large-scale Array-oriented Computing with PythonLarge-scale Array-oriented Computing with Python
Large-scale Array-oriented Computing with Pythonpycontw
 

More from pycontw (15)

Python on FreeBSD
Python on FreeBSDPython on FreeBSD
Python on FreeBSD
 
讓 Python Script 擁有圖形化介面的簡單方法
讓 Python Script 擁有圖形化介面的簡單方法讓 Python Script 擁有圖形化介面的簡單方法
讓 Python Script 擁有圖形化介面的簡單方法
 
CyberLink Meets Python
CyberLink Meets PythonCyberLink Meets Python
CyberLink Meets Python
 
PyKinect: Body Iteration Application Development Using Python
PyKinect: Body Iteration Application Development Using PythonPyKinect: Body Iteration Application Development Using Python
PyKinect: Body Iteration Application Development Using Python
 
Developing Python Apps on Windows Azure
Developing Python Apps on Windows AzureDeveloping Python Apps on Windows Azure
Developing Python Apps on Windows Azure
 
Qt Quick GUI Programming with PySide
Qt Quick GUI Programming with PySideQt Quick GUI Programming with PySide
Qt Quick GUI Programming with PySide
 
STAF 在自動化測試上的延伸應用 -- TMSTAF (TrendMicro STAF)
STAF 在自動化測試上的延伸應用 -- TMSTAF (TrendMicro STAF)STAF 在自動化測試上的延伸應用 -- TMSTAF (TrendMicro STAF)
STAF 在自動化測試上的延伸應用 -- TMSTAF (TrendMicro STAF)
 
Grid Job Management
Grid Job ManagementGrid Job Management
Grid Job Management
 
Small Python Tools for Software Release Engineering
Small Python Tools for Software Release EngineeringSmall Python Tools for Software Release Engineering
Small Python Tools for Software Release Engineering
 
Python and Startup
Python and StartupPython and Startup
Python and Startup
 
Panoramic Video in Environmental Monitoring Software Development and Applica...
Panoramic Video in Environmental Monitoring Software Development and Applica...Panoramic Video in Environmental Monitoring Software Development and Applica...
Panoramic Video in Environmental Monitoring Software Development and Applica...
 
那些年 Python 攻佔了 GIS / The Year Python Takes Over GIS
那些年 Python 攻佔了 GIS / The Year Python Takes Over GIS那些年 Python 攻佔了 GIS / The Year Python Takes Over GIS
那些年 Python 攻佔了 GIS / The Year Python Takes Over GIS
 
Introduction to Discrete-Event Simulation Using SimPy
Introduction to Discrete-Event Simulation Using SimPyIntroduction to Discrete-Event Simulation Using SimPy
Introduction to Discrete-Event Simulation Using SimPy
 
Python and the Web
Python and the WebPython and the Web
Python and the Web
 
Large-scale Array-oriented Computing with Python
Large-scale Array-oriented Computing with PythonLarge-scale Array-oriented Computing with Python
Large-scale Array-oriented Computing with Python
 

Recently uploaded

CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...gurkirankumar98700
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEarley Information Science
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsRoshan Dwivedi
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Paola De la Torre
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 

Recently uploaded (20)

CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 

Network Security and Analysis with Python

  • 1. NETWORK SECURITY AND ANALYSIS WITH PYTHON Lee Yang Peng Dunman High School Singapore
  • 2.
  • 3.
  • 4.
  • 5.
  • 6.
  • 7.
  • 8.
  • 9. DEEP Packet Inspection Searching if anything in the packet is suspicious
  • 10.
  • 11.
  • 12.
  • 13.
  • 14. ANALYTICS Motivation: Helping Deep Packet Inspection An initial experimental study Then I conducted experiments on them to determine their effectiveness
  • 15.
  • 16. HEURISTICS FOR ANALYTICS Detecting Constant Fields and Enumeration fields to learn about protocol format Constant: Bytes that do not change data in all packets in a single protocol.  For example: {‘x00’} appears all the time. Or {‘x00’, ‘x01’, ‘x02’} in sequence Enums: Bytes at fixed positions that changes only slightly or has a limited number of values.  For example: At position 5, only contains values within {‘x00’, ‘x01’, ‘x02’}
  • 17.
  • 18. Constant fields in protocol headers: Maybe… Paddings Protocol Version Reserved Fields
  • 19.
  • 20.
  • 21.
  • 22. Where pi is the probability of each value occurring
  • 23.
  • 25.
  • 26. Ethernet TCP UDP IPv4 IPv6 ICMP IGMP(v3) ARP SMB NBNS LLMNR DNS SCTP OSPF
  • 28.
  • 29. • Collected data unable to simulate randomness of a real network • False positives will be observed • For consistency, will mark these as incorrect during my evaluation
  • 30.
  • 31.
  • 32.
  • 33.
  • 34. • Manual analysis of the protocol header was compared against ground truth from protocol documentation • Mark every byte in protocol header as {Constant, Not Constant}, and {Enum, Not Enum} • Accuracy = (True Positives + True Negatives) / Total Header Length • Entered these data into a table
  • 35. Protocol Accuracy (Constants) Accuracy (Enums) TCP 100% 95% IPv4 90% 95% Ethernet 100% 100% IPv6 97.5% 92.5% DNS / NetBIOS-NS / LLMNR 41.7% 91.6% ARP 50.0% 62.5% ICMP 100% 100% UDP 100% 100% OSPF 30% 80% IGMP Version 3 50% 62.5% SCTP 100% 100% SMB 62.5% 84.4% Average Accuracy 76.8% 88.6%
  • 36. LIMITATIONS • Is only useful for analyzing a single protocol • Heuristics to detect higher level fields such as dependencies and sequence numbers are not yet implemented