PCAP Visualisation


Contents

  1. Description
  2. Visualisation Demo
  3. Members
  4. Agendas and Minutes
  5. Deliverables

Project Description

The aim of our project is to capture real-time network packets, or read PCAP format files (a well-known file format for storing network packet traces), on the local PCs of multiple clients, decode them into JSON, and then provide a web service that displays this data in a webpage.

Some of the visualizations we will use are: data flow diagrams, IP maps, traffic maps & tables.

What is PCAP?

PCAP (Packet Capture) is a file extension for files that consist of network packet traces. It is used to analyze network activity and traffic.

To capture network traffic an application programming interface (API) needs to be used.


PCAP File Format



  • Each PCAP file includes a Global Header and a number of Packets.

    • Global Header (24 bytes):

      Byte Numbers   Purpose
      0-3            Magic Number
      4-7            Version
      8-15           GMT Offset
      16-19          Max Length
      20-23          Header Type

    • Packets: each packet includes a Packet Header and Packet Data.

      • Packet Header (16 bytes):

        Byte Numbers   Purpose
        0-3            Time
        4-7            Microseconds
        8-11           Expected Size
        12-15          Actual Size

      • Packet Data: differs between protocols
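
The layout above, decoded in Python as an added example that is not the project's own code (the project uses jNetPcap): it reads the 24-byte global header and each 16-byte packet header, rejects any packet whose length field exceeds the header's max length or the bytes actually remaining, and returns a JSON-ready dict. The function names, JSON keys, the `MAX_SNAPLEN` ceiling and the sample bytes are assumptions of this example; only the two microsecond-resolution magic numbers are accepted.

```python
import json
import struct

GLOBAL_HDR_LEN = 24   # global header size given on the page
PACKET_HDR_LEN = 16   # per-packet header size given on the page
# Magic number bytes -> struct byte-order prefix (classic microsecond pcap).
MAGICS = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}
MAX_SNAPLEN = 262144  # assumed sanity ceiling for this example


def parse_pcap(buf):
    """Decode a classic pcap byte string into a JSON-ready dict, rejecting bad lengths."""
    if len(buf) < GLOBAL_HDR_LEN:
        raise ValueError("truncated global header")
    order = MAGICS.get(buf[:4])
    if order is None:
        raise ValueError("unknown magic number")
    # Bytes 4-7 version, 8-15 GMT offset (+ timestamp accuracy), 16-19 max length, 20-23 header type.
    major, minor, gmt_off, _sigfigs, max_len, link_type = struct.unpack(
        order + "HHiIII", buf[4:GLOBAL_HDR_LEN])
    if not 0 < max_len <= MAX_SNAPLEN:
        raise ValueError("implausible max length")
    packets, pos = [], GLOBAL_HDR_LEN
    while pos < len(buf):
        if len(buf) - pos < PACKET_HDR_LEN:
            raise ValueError("truncated packet header")
        # Bytes 0-3 time, 4-7 microseconds, 8-11 bytes stored in the file, 12-15 bytes on the wire.
        sec, usec, stored, wire = struct.unpack(order + "IIII", buf[pos:pos + PACKET_HDR_LEN])
        pos += PACKET_HDR_LEN
        # Never trust the length field: bound it by max length and by what is really left.
        if stored > max_len or stored > len(buf) - pos:
            raise ValueError("packet length exceeds limits")
        packets.append({"time": sec, "microseconds": usec, "stored_len": stored,
                        "wire_len": wire, "data": buf[pos:pos + stored].hex()})
        pos += stored
    return {"version": f"{major}.{minor}", "gmt_offset": gmt_off, "max_length": max_len,
            "header_type": link_type, "packets": packets}


def build_sample(stored_len=4):
    """Constructed little-endian capture with one 4-byte packet (not real traffic)."""
    header = b"\xd4\xc3\xb2\xa1" + struct.pack("<HHiIII", 2, 4, 0, 0, 65535, 1)
    record = struct.pack("<IIII", 1380844800, 250000, stored_len, 4) + b"\xde\xad\xbe\xef"
    return header + record


if __name__ == "__main__":
    print(json.dumps(parse_pcap(build_sample()), indent=2))
```

The same bounds checks belong wherever an uploaded capture is decoded, since the length fields come straight from the file.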


About the project

Our project has three main jobs: capture/read PCAP, decode and transfer data, and process and display data.

PCAP files consist of bytes which humans cannot read, so we need to use APIs for capturing/reading PCAP and decoding it into data which humans can understand.

The capture and decoding are done on the client side. To communicate with clients, a server is needed for receiving the data and storing the data into a database.

To display the visualisation, multiple webpages are required to display data in different ways. The Server needs to send data to webpages.

Therefore, we have divided our project into four parts:

  • Client Software
  • Server
  • Database
  • Webpages

Client Software:

The aim of the client-side program is to capture real-time packets and read pcap format files, then decode the traces into JSON format and send the data to the server.

Technique used: jNetPcap API for capturing and decoding.


Server:

The aim of the server is to receive the JSON stream, put the data into classes, and store the data in the database.

Technique used: J2EE and Tomcat Server with Java Servlet, for both this part and the webpage part.


Database:

The aim of the database is to store historical data for display and analysis on the webpages.

Technique used: MySQL as the database management system.


Webpages:

The aim of the webpages is to get data from the database or server and display the visualisation of PCAP traces.

Technique used: HTML, CSS, JavaScript, jQuery, Ajax and JavaScript libraries such as d3.js.




Visualisation Demo


Example 1: Display the PCAP data in forms




Example 2: Visualisation of the PCAP data



Members


Agendas and Minutes

  1. 04/10/2013
  2. 07/10/2013
  3. 11/10/2013
  4. 14/10/2013
  5. 18/10/2013
  6. 21/10/2013
  7. 25/10/2013
  8. 28/10/2013

Deliverables

  • Group Project Site
    • Description of the Project

    • Agendas and Minutes

    • Collectively Created, Version-controlled Document

    • Raising and Closing of Issues

  • Interim Group Report
    • Updated and expanded description of the problem to be solved.

    • Background information and research

    • Requirements specification for the system to be built

    • Initial design of the proposed system and its user interface.

    • Record of key implementation decisions, such as programming languages, operating systems, computers, and any additional software and hardware to be used, along with reasons for those decisions.

    • Results of any initial implementation steps/prototyping.

    • Discussion of any problems encountered so far, including both technical issues and management issues

    • Time plan for the project.

  • Final Group Report
    • Updated design of the system and its user interface.

    • Discussion on the implementation and testing of the system.

    • Summary of what was achieved, referring to the stated requirements.

    • Reflective comments on the success of the project, both from a technical and a project management perspective, including group working issues etc.

    • An appendix giving a description of how the developed system was tested

    • Minutes: Minutes from all formal meetings should be submitted.

  • Software
    • Functionality and features

    • How well the developed software actually works

    • The size and difficulty level of the addressed problem(s)

    • The technical sophistication of the developed software

    • How well the software is written (architecture, proper modularisation, proper abstractions, naming conventions, layout, documentation, etc.)

    • Quality of the testing

  • Open Day
    • Set up a “trade stall” with posters, leaflets, and a live demonstration of their application.

    • Everyone dresses formally for the Open Day.

    • Complete an equipment form detailing the hardware and software requirements for the Open Day.

  • Presentation Day
    • The presentation should be 10 minutes long, with an additional 5 minutes for questions.

    • The main content of the presentation should be a description of the problem addressed by the project, an overview of the application developed, and some reflective remarks on the success of the project.

    • The presentation is usually given using electronic slides.

    • Everyone dresses formally for the group project presentations.

    • Complete an equipment form detailing the hardware and software requirements for the presentation if there are any non-standard needs.

    • The project presentation schedule will be available two to three weeks before the Presentation Day.

