An Animated Simulator for Packet Sniffer North Carolina A&T State University

advertisement

An Animated Simulator for

Packet Sniffer

Xiaohong Yuan, Percy Vega, Jinsheng Xu, Huiming Yu, Stephen Providence

North Carolina A&T State University

4/13/2020 WECS7 1

Overview

• Introduction

• Packet Sniffer

• Packet Sniffer Simulator

• Tool Evaluation

• Conclusion and Future work

4/13/2020 WECS7 2

Introduction

• Visualization has been used in computer science education

• Visualization of computer security concepts are needed

– Embry-Riddle Aeronautical Univ. developed interactive modules for such topics as buffer overflow vulnerabilities, cryptography, etc.

– CyberCIEGE is a high-end, commercial-quality video game developed for teaching security concepts and practices

– We designed and implemented an animated simulator for packet sniffer

4/13/2020 WECS7 3

Packet Sniffer

• Packet sniffer is a program that captures all of the data packets that pass through a given network interface, and recognizes and decodes certain packets of interest.

• A packet sniffer can only capture packets within a given subnet.

• The network interface of the computer that has the packet sniffer is configured into promiscuous mode

• Commercial and free packet sniffer tools

– Ethereal

– AnalogX PacketMon

– Network Probe

4/13/2020 WECS7 4

The Packet Sniffer Simulator

• It demonstrates visually

– how a packet sniffer works in a local area network environment (Demo I – IV)

– how data packets are encapsulated and interpreted while going through the protocol stack

(Demo V)

• Implemented in Macromedia Flash MX

Professional Edition

– Can run as a Flash applet in web page

– Can also run as a standalone application

(Macromedia Flash Player is needed)

4/13/2020 WECS7 5

The Packet Sniffer Demos

• Demo I: Direct Path

– Displays the path a data packet from a source goes through to reach destination

• Demo II: The real Path

– The packet reached all attached computer across a common collision domain

• Demo III: Promiscuous Mode

– A computer’s network interface hardware configured into promiscuous mode accepts all frames

4/13/2020 WECS7 6

Packet Sniffer Demos – Ctd.

• Demo IV: Packet Sniffer

– Packet sniffer is installed on a computer to examine the data packets captured

• Demo V: Telnet Over TCP/IP

– How a data packet is encapsulated and deencapsulated while going through the protocol stack

4/13/2020 WECS7 7

The Packet Sniffer Simulator: The

Learning Objectives

• Explain the differences between a hub, a bridge/switch, and a router

• Explain bus and star topology

• Explain how a data packet is transmitted in a local area network

• Explain the purpose of “promiscuous mode” of a network interface

• Explain what a packet sniffer does, and how it works.

• Explain the encapsulation and de-encapsulation process of a data packet while going through the protocol stack

4/13/2020 WECS7 8

The Packet Sniffer Simulator:

Demo

• http://clayton.ncat.edu/comp476/Packet

SnifferAnimation/index.html

4/13/2020 WECS7 9

Tool Evaluation

• The packet sniffer simulator is used in a computer network security class in Fall 2005

– Total number of students: 12

• First a pretest was given based the learning objectives

• A homework assignment was given to the students based on the packet sniffer simulator

• Then a posttest was given to the students and a survey questionnaire was conducted

4/13/2020 WECS7 10

Pre-Post Test Score Comparison

Scatter Graph for Total Score (in % )

120

100

80

60

40

20

0

0 5

Student

10 15

Pre-Test Score

Post-Test Score

WECS7 4/13/2020 11

The Survey Summary

The tool helped in learning computer network and security concepts

The learning objectives are met by using the tool

The tool helped you understand the questions asked in the homework

The web site and the tutorial were helpful in understanding the demo

The tool is easy to learn and understand

Would like to see more of this kind of tools

You would like to recommend this tool to others?

Strongly

Agre e

33.33%

33.33%

25%

33.33%

50%

66.67%

66.67%

Agree

58.33%

58.33%

66.67%

66.67%

50%

33.33%

25%

4/13/2020 WECS7

Neither

Agree or

Disagree

8.33%

Disagre e

0.0%

Strongly

Disagre e

0.0%

0.0%

8.33%

0.0%

0.0%

0.0%

0.0%

8.33

0.0%

0.0%

0.0%

0.0%

8.33%

0.0%

0.0%

0.0%

0.0%

0.0%

0.0%

12

Conclusion and Future Work

• An animated simulator for packet sniffer and related network concepts has been developed

• It has been used in a computer network security course in Fall 2005

• The student Feedback was very positive

• Future work

– Develop animated simulation for more security concepts

– Continue evaluating the effectiveness of visualization tool in teaching computer security courses

4/13/2020 WECS7 13

4/13/2020 WECS7 14

Download