Survey
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
An Animated Simulator for Packet Sniffer Xiaohong Yuan, Percy Vega, Jinsheng Xu, Huiming Yu, Stephen Providence North Carolina A&T State University 5/25/2017 WECS7 1 Overview • • • • • Introduction Packet Sniffer Packet Sniffer Simulator Tool Evaluation Conclusion and Future work 5/25/2017 WECS7 2 Introduction • Visualization has been used in computer science education • Visualization of computer security concepts are needed – Embry-Riddle Aeronautical Univ. developed interactive modules for such topics as buffer overflow vulnerabilities, cryptography, etc. – CyberCIEGE is a high-end, commercial-quality video game developed for teaching security concepts and practices – We designed and implemented an animated simulator for packet sniffer 5/25/2017 WECS7 3 Packet Sniffer • Packet sniffer is a program that captures all of the data packets that pass through a given network interface, and recognizes and decodes certain packets of interest. • A packet sniffer can only capture packets within a given subnet. • The network interface of the computer that has the packet sniffer is configured into promiscuous mode • Commercial and free packet sniffer tools – Ethereal – AnalogX PacketMon – Network Probe 5/25/2017 WECS7 4 The Packet Sniffer Simulator • It demonstrates visually – how a packet sniffer works in a local area network environment (Demo I – IV) – how data packets are encapsulated and interpreted while going through the protocol stack (Demo V) • Implemented in Macromedia Flash MX Professional Edition – Can run as a Flash applet in web page – Can also run as a standalone application (Macromedia Flash Player is needed) 5/25/2017 WECS7 5 The Packet Sniffer Demos • Demo I: Direct Path – Displays the path a data packet from a source goes through to reach destination • Demo II: The real Path – The packet reached all attached computer across a common collision domain • Demo III: Promiscuous Mode – A computer’s network interface hardware configured into promiscuous mode accepts all frames 5/25/2017 WECS7 6 Packet Sniffer Demos – Ctd. • Demo IV: Packet Sniffer – Packet sniffer is installed on a computer to examine the data packets captured • Demo V: Telnet Over TCP/IP – How a data packet is encapsulated and deencapsulated while going through the protocol stack 5/25/2017 WECS7 7 The Packet Sniffer Simulator: The Learning Objectives • • • • • • Explain the differences between a hub, a bridge/switch, and a router Explain bus and star topology Explain how a data packet is transmitted in a local area network Explain the purpose of “promiscuous mode” of a network interface Explain what a packet sniffer does, and how it works. Explain the encapsulation and de-encapsulation process of a data packet while going through the protocol stack 5/25/2017 WECS7 8 The Packet Sniffer Simulator: Demo • http://clayton.ncat.edu/comp476/Packet SnifferAnimation/index.html 5/25/2017 WECS7 9 Tool Evaluation • The packet sniffer simulator is used in a computer network security class in Fall 2005 – Total number of students: 12 • First a pretest was given based the learning objectives • A homework assignment was given to the students based on the packet sniffer simulator • Then a posttest was given to the students and a survey questionnaire was conducted 5/25/2017 WECS7 10 Pre-Post Test Score Comparison Scatter Graph for Total Score (in % ) 120 100 Score 80 Pre-Test Score 60 Post-Test Score 40 20 0 0 5 10 15 Student 5/25/2017 WECS7 11 The Survey Summary Strongly Agre e Agree Neither Agree or Disagree The tool helped in learning computer network and security concepts 33.33% 58.33% 8.33% 0.0% 0.0% The learning objectives are met by using the tool 33.33% 58.33% 0.0% 8.33 0.0% The tool helped you understand the questions asked in the homework 25% 8.33% 0.0% 0.0% The web site and the tutorial were helpful in understanding the demo 66.67% Disagre e Strongly Disagre e 33.33% 66.67% 0.0% 0.0% 0.0% 50% 50% 0.0% 0.0% 0.0% Would like to see more of this kind of tools 66.67% 33.33% 0.0% 0.0% 0.0% You would like to recommend this tool to others? 66.67% 25% 0.0% 8.33% 0.0% The tool is easy to learn and understand 5/25/2017 WECS7 12 Conclusion and Future Work • An animated simulator for packet sniffer and related network concepts has been developed • It has been used in a computer network security course in Fall 2005 • The student Feedback was very positive • Future work – Develop animated simulation for more security concepts – Continue evaluating the effectiveness of visualization tool in teaching computer security courses 5/25/2017 WECS7 13 5/25/2017 WECS7 14