Outbound Network Traffic Monitoring
Abstract
The objective of this research is to begin the task of identifying the purpose of a computer network's outbound traffic. In this study, resources available on the Internet were used to find the probable location and owner of observed destination IP addresses, as the first step toward this long-term research goal. Java code was written that uses Internet search engines to obtain the required owner and location information. To test the code, headers of outbound Oklahoma State University traffic were collected using tcpdump during four time intervals over a 24-hour period. Using the information available on the Internet, the percentage of known IP locations was approximately 99.7% at all collection times. The majority of destination IP address locations were in the United States. Traffic patterns were observed to change over time, with most non-U.S. traffic headed for Asia and Europe.
Collections
- OSU Theses [15752]