JPANDDR-Implementation of a JAVA based tool for Protocol Analysis, Network Diagnose, and Data Reassembly - PowerPoint PPT Presentation
1 / 39
Title:
JPANDDR-Implementation of a JAVA based tool for Protocol Analysis, Network Diagnose, and Data Reassembly
Description:
JPANDDR-Implementation of a JAVA based tool for Protocol Analysis, Network Diagnose, and Data Reassembly Advisor: Dr. Kai-Wei Ke Speaker: Jaw-Woei Ma – PowerPoint PPT presentation
Number of Views:186
Avg rating:3.0/5.0
Title: JPANDDR-Implementation of a JAVA based tool for Protocol Analysis, Network Diagnose, and Data Reassembly
1
JPANDDR-Implementation of a JAVA based tool for
Protocol Analysis, Network Diagnose, and Data
Reassembly
- Advisor Dr. Kai-Wei Ke
- Speaker Jaw-Woei Ma
- Date2007 07/28
2
Outline
- Introduction
- Protocol
- JPANDDR
- Test Result
- Conclusions
- Future Work
- References
- Demo
3
Introduction
- JAVA
- JVM
- Object-Oriented
- Mobility (Byte Code)
- Support Network Programming
- JPANDD is based on JAVA programming language
4
Introduction
- JAVA API
- Application Programming Interface
- Reuse and Extend
- Easy and fast to implement
- JPANDDR uses JMF and JPcap
Java 2????????API
5
JMF
- Java Media Framework
- enables audio, video and other time-based media
to be added to applications and applets built on
Java technology - JMF API ?????? ??? JMF ???? RTP ??JMF ?
6
JMF
- JMF Process Model
7
JPcap
- Java Package for Packet Capture
- allows Java applications to capture and/or send
packets to the network - based on libpcap/winpcap and Raw Socket API
8
JPcap
- JPcap Process Model
9
JPcap
- Network Interface represents a network
interface - Jpcap Captor capture packets or read packets
from a captured file - Jpcap Sender send packets
- Packet This is a root class of all the packets
captured by Jpcap
10
Protocol
- TCP
- Transmission Control Protocol
- Connection-Oriented
- Reliable transmission
- Flow Control and Congestion Control
- ACK and Retransmission
11
Protocol
- TCP Header Format
12
Protocol
- Three-Way Handshake Diagram
13
Protocol
- FTP
- File Transfer Protocol
- 2 TCP connection
- Port 21 for control
- Port 20 for data
14
Protocol
- FTP command
????? ??
USER ltSPgt ltusernamegt ltCRgt ltLFgt USER ???????
QUIT ltCRgt ltLFgt QUIT ??FTP??
PORT ltSPgt lta1,a2,a3,a4,p1,p2gt ltCRgt ltLFgt PORT???????IP??????
TYPE ltSPgt lttype-codegt ltCRgt ltLFgt TYPE??????
MODE ltSPgt ltmode-codegt ltCRgt ltLFgt Transfer MODE ??????
STRU ltSPgt ltstructure-codegt ltCRgt ltLFgt File STRUcture??????
RETR ltSPgt ltpathnamegt ltCRgt ltLFgt RETRieve????
STOR ltSPgt ltpathnamegt ltCRgt ltLFgt STORe????
NOOP ltCRgt ltLFgt NO OPeration???
15
Protocol
- SIP
- Session Initiation Protocol
- Client/Server Mode
- Request/Response Message
16
Protocol
- Session Establishment System Sequence Diagram
17
JPANDDR
- JAVA for Protocol Analysis, Network Diagnose, and
Data Reassembly - Network Protocol Analyzer
- Based on JAVA
- JPcap and JMF API
18
JPANDDR
- Function - 1
- (1) Capture Packets and Header Analysis
- (2) Protocol Analysis
- (3) Packet Handshaking
- (4) Protocol Statistics and Analysis
19
JPANDDR
- Function 2
- (5) Data Reassembly and Replay
- (6) Network Debug and Diagnose
- (7) Make up Packets
- (8) Additional Function
20
JPANDDR
- System Architecture
- Packet Maker
- Subsystem
- Protocol Process
- Subsystem
- Network Diagnosis and
- Debug Subsystem
- Additional Function
- Subsystem
21
JPANDDR
- Subsystem
- Protocol Process Subsystem - Analytic Processor
22
JPANDDR Data Reassembly and Replay
- FTP Data Reassembly
- For Stream Mode
- Remove Packet Header
- Packet Reorder and Reassembly
23
JPANDDR - Data Reassembly and Replay
- pseudo Code
24
JPANDDR - Data Reassembly and Replay
- VoIP Data Reassembly
- RTP Transmission
- For PCM encode
25
JPANDDR - Data Reassembly and Replay
- PCM decode (1/2)
26
JPANDDR - Data Reassembly and Replay
- PCM decode (2/2)
27
JPANDDR - Network Diagnose
- ICMP Echo Request
- Parse information in ICMP Echo Replay
- TCP/IP???? 127.0.0.1
- ???? - IP
- ???????? xxx.xxx.xxx.1253
- ?????(Gateway)?? xxx.xxx.xxx.254 (default)
- DNS????? 168.95.1.1 (default)
- ping Internet???????? www.google.com
28
JPANDDR - Network Diagnose
29
Test Result - Network Diagnose
- Network Diagnose Report
30
Test Result - Network Diagnose
- Two test Result
- (1) No IP (2) No gateway
31
Test Result - Data Reassembly and Replay
- Use LeapFTP
- Stream Mode
32
?????? ?????? ??
.jpg ??
.doc ??
.ppt ??
.txt ??
.exe ??
.avi ??
.wav ? ????????
.html ? ???????????
.rm ??
.mp3 ??
.rar ?? ?????????????????????????
.zip ?? ?????????????????????????
.bmp ?
33
Test Result - Data Reassembly and Replay
- Sample Rate - 8kHZ
- Sample Bits - 16bits
- Little Endian
- .wav file
34
System Compare
- Sniffer?ClearSight?Ethereal,????Ethereal???????
- JPANDDR Network Protocol Analyzer
- Ethereal Network Packet Analyzer
35
System Compare
??? JPANDDR Ethereal
???? ???? ????,???? ????
???? ?? ??
???? ???? ???????? ????
???? ???? ?????? ??????
???? ???? ? ?
?????? ???????? ????????
???? ?,????????? ?
36
Conclusions
- This research implements a system that provides
not only the basic function such as protocol
tracking?monitoring and analyzing network
diagnosis capability ,but also information
retrieval and recovery from the captured data
packets on the networks.
37
Future Work
- JPANDDR
- ?????????
- IPv6?????
- ???????????
- Goal The worlds popular network protocol
analyzer
38
References
- http//netresearch.ics.uci.edu/kfujii/jpcap/doc/in
dex.html - http//java.sun.com/products/java-media/jmf/refere
nce/api/index.html - http//www.ethereal.com/
39
Demo
Recommended
CrystalGraphics Presentations
