1. Home
  2. Archives
  3. Vol. 7 No. 2 (2017)
  4. Articles

TRAFFIC ANALYSIS USING NETFLOW AND PYTHON

Vaclav Oujezsky

vaclav.oujezsky@phd.feec.vutbr.cz
Brno University of Technology, Department of Telecommunication (Czechia)

Tomas Horvath


Brno University of Technology, Department of Telecommunication (Czechia)


Abstract

This article presents an application that is used as NetFlow collector and analyzer. It is a console application created in Python language. A software analyzer detects and analyzes incoming NetFlow messages version 1 and 5 of devices that support them. The output file is a database of information and analysis of the overall UNIX time duration of reported traffic and analysis of NetFlow lifetime. The software is developed to work with Python version 3 and higher and is designed for the Windows operating system.


Keywords:

IP networks, Computer languages, Software tools

Cisco Systems, Inc., Introduction to Cisco IOS NetFlow ¬– A Technical Overview. CISCO, 2012
  Google Scholar

IETF, Specification of the IP Flow Information Export (IPFIX) Protocol for the Exchange of Flow Information. IETF Tools, 2013.
  Google Scholar

Cisco Systems, Inc.: NetFlow Services Solution Guide. http://www.cisco.com/c/en/us/td/docs/ios/solutions_docs/netflow/nfwhite.html [23.09.2016].
  Google Scholar

Plixer International, Inc., Flow Analytics, Plixer¬–Malware Incident Response, 2016.
  Google Scholar

Plixer International, Inc.: Top 5 Uses of NetFlow for Network Security. https://www.plixer.com/blog/netflow/top-5-uses-of-netflow-for-network-security/ [24.09.2016].
  Google Scholar

Network Security Research.: GDP¬–NetFlow Collector, BUT, 2015.
  Google Scholar

Plixer International, Inc., NetFlow packet Version 5 (V5), 2016.
  Google Scholar

Cole N.: An introduction to npyscreen. http://npyscreen.readthedocs.io/introduction.html [24.09.2016]
  Google Scholar

Python Software Foundation, Threading — Thread-based parallelism. Python 3.5.1 documentation, 1990-2016.
  Google Scholar

Oujezský V., Horváth T., Škorpil V.: Modeling Botnet C& C Traffic Lifespans from NetFlow Using Survival Analysis. In Proceedings of the 39th International Conference on Telecommunication and Signal Processing, TSP 2016. International Conference on Telecommunications and Signal Processing (TSP). Vienna, Austria, 2016, 50–55.
  Google Scholar

Download


Published
2017-06-30

Cited by
Crossref
Scopus
Google Scholar
Europe PMC

Oujezsky, V. ., & Horvath, T. . (2017). TRAFFIC ANALYSIS USING NETFLOW AND PYTHON. Informatyka, Automatyka, Pomiary W Gospodarce I Ochronie Środowiska, 7(2), 5–7. https://doi.org/10.5604/01.3001.0010.4823

Authors

Vaclav Oujezsky 
vaclav.oujezsky@phd.feec.vutbr.cz
Brno University of Technology, Department of Telecommunication Czechia

Authors

Tomas Horvath 

Brno University of Technology, Department of Telecommunication Czechia

Statistics

Abstract views: 659
PDF downloads: 1631







Facebook Lublin University of Technology

Lublin University of Technology Publishing House

ul. Nadbystrzycka 36C/309D,
20-618 Lublin
tel. +48 81 538-46-59
email ph@pollub.pl

Copyright

Copyright 2019 by Lublin University of Technology
OJS Support and Customization by LIBCOM
Platform & workfow by OJS/PKP
Regulamin Platformy LUT PH
Regulations of the LUT PH e-Platform