PCAP file analyzer for network forensic

Wan Ab Karim, Wan Muhammad Khairuddin (2023) PCAP file analyzer for network forensic. Project Report. Universiti Teknikal Malaysia Melaka, Melaka, Malaysia. (Submitted)

Text (24 Pages): PCAP file analyzer for network forensic.pdf - Submitted Version (284kB)

Text (Full text): PCAP file analyzer for network forensic.pdf - Submitted Version (4MB). Restricted to Registered users only.

Abstract

A PCAP file is commonly used by network forensic analysts to preserve network connections and to investigate network activity. It captures and stores network traffic, holding the network packets and information about them. Much information can be extracted from a PCAP file, such as source and destination IP addresses, packet payloads and other types of metadata. Many tools can be used to analyse PCAP files, such as Tshark, Wireshark or Network Miner. In previous research, a tool called PCAPFunnel was developed to provide visualization of PCAP files. That tool uses Tshark as its backend to extract data from a PCAP file and a front-end framework to visualize the extracted data, and it focuses mainly on data visualization. This project extends the capability of a single network forensic tool from providing only data visualization to multiple additional features such as deep packet inspection, file extraction, and strings extraction.

Item Type: Final Year Project (Project Report)
Uncontrolled Keywords: Network forensic, PCAP file, Tool, Scapy, Python, NFAT
Subjects: Q Science > QA Mathematics
Divisions: Library > Final Year Project > FTMK
Depositing User: Sabariah Ismail
Date Deposited: 03 Apr 2024 07:53
Last Modified: 03 Apr 2024 07:53
URI: http://digitalcollection.utem.edu.my/id/eprint/31568
