Pcap

Pcap

Mixed Deep Learning and Statistical Approach to Network Anomaly Detection

Published in Sarvesh Tanwar, Sumit Badotra, Ajay Rana, Machine Learning, Blockchain, and Cyber Security in Smart Environments, 2023

Vineeta Soni, Siddhant Saxena, Devershi Pallavi Bhatt, Narendra Singh Yadav, Amit Bairwa, Satpal Singh Kushwaha, Sarada Prasad Gochhayat

Pcap is an application programming interface (API) for capturing packets in the network to which the computer is attached .Pcap files can be filled with captured data using the Tcpdump Packet Analyzer, a computer program that runs under a command-line interface. For example, to capture 100 packets from any interface in a Linux environment, use the command:.pcap files can be analyzed using the Wireshark tool.

TCN enhanced novel malicious traffic detection for IoT devices

View Article

Journal Information

Published in Connection Science, 2022

Liu Xin, Liu Ziang, Zhang Yingli, Zhang Wenqiang, Lv Dong, Zhou Qingguo

The network traffic passing through the node can be copied and forwarded by a bypass in a network node. The data capture module copies the data from the network card to the memory and temporarily stores them for subsequent processing. At present, more general traffic monitoring and capture software is implemented based on the Pcap APIs, such as Wireshark, Nmap, ntop, TCPDUMP, and WinDUMP, and intrusion detection system snort. Pcap APIs use Libpcap (Garcia, 2008; McCanne, 2011) under Linux and WinPcap (Risso & Degioanni, 2001) under Windows. The traffic captured in this method will be copied to memory with Pcap encapsulation format, including capture time, data size, and other information.

Explore chapters and articles related to this topic

Mixed Deep Learning and Statistical Approach to Network Anomaly Detection

TCN enhanced novel malicious traffic detection for IoT devices