LiU > IDA > Real-Time Systems Lab
ABOUT
MEMBERS
COOPERATION
PROJECTS
PUBLICATIONS
COURSES
OPEN POSITIONS
THESES
ALUMNI

Announcements

[26 May 2014] A bachelor student at RTSLAB was awarded the best thesis award from IDA - Simon Andersson. more ...

[31 May 2012] A masters student at RTSLAB was awarded the best thesis award from IDA - Ulf Magnusson. more ...

[27 February 2008] A masters student at RTSLAB was awarded the best thesis award from IDA - Johan Sigholm. more ...

[03 March 2004] A masters student at RTSLAB was awarded the best thesis award from IDA - Tobias Chyssler. more ...

[01 Jul 2003] For second year in a row a masters student at RTSLAB was awarded the best thesis award from SNART - Mehdi Amirijoo. more ...

Master Thesis - Past Projects - Abstract

Live network acquisition in a public access scenario

ID: LITH-IDA-EX--07/060--SE

This thesis investigates and implements a system that acquires connection information from UDP and TCP connections. The acquired information is transferred to a backend server for preservation. The purpose of collecting this information is to be able to trace which hosts an end-user has communicated with in the case a law enforcement agency investigates a crime that has been committed while using a public Internet access service. With this information an end-user can be binded to which hosts it has communicated with. The chosen solution takes advantage of the connection tracking system found in the Linux kernel, for acquiring the connection information from TCP and UDP connections. This has the advantage that UDP can be seen as a stateful protocol. The advantage of this is that data acquisition from every UDP packet is not needed and the wanted information will still be acquired, in the same way as for TCP connections. Another advantage is that information of how long time a UDP and TCP connection approximately lasted will be available. The system was implemented to be able to function in the Aptilo Networks system and was evaluated on real data. The evaluation has shown the scalability of the approach and provides a measure for the performance and storage needs.

Keywords:

Author(s): Magnus Florán

Contact: Simin Nadjm-Tehrani

Click here to return.
Last modified September 2012. If you have questions or suggestions for the webpages, contact the webmaster