Design and Implementation of LAN-sensitive Information Interception and Analysis System
- 10.2991/isccca.2013.197How to use a DOI?
- Network Security Monitor, Protocol Analysis, ARP Spoof, WinPcap, TCP/IP
The LAN usually hides internal network structure by NAT to share a public IP address in the internal network, and thus it is hard to locate the source host precisely distributing sensitive information for a large-scale information monitoring system by analyzing the intercepted packets. So it is hard to fulfill monitoring work efficiently. This paper puts forward a scheme to intercept and analyze the sensitive information in the LAN environment. It studies the ARP spoofing principle and the sniffer technology based on WINPCAP. The scheme includes 7 modules named NIC capture module, packet filtering module and so on. And it achieves sensitive information filtering and matching by the configured rules, such as "keywords", "URL", "QQ number" and so on. The scheme provides a solution for tracking the source host leaking sensitive information within the LAN.
- © 2013, the Authors. Published by Atlantis Press.
- Open Access
- This is an open access article distributed under the CC BY-NC license (http://creativecommons.org/licenses/by-nc/4.0/).
Cite this article
TY - CONF AU - Shaofeng Lin AU - Weifeng Sun AU - Linna Fan AU - Hua Wang PY - 2013/02 DA - 2013/02 TI - Design and Implementation of LAN-sensitive Information Interception and Analysis System BT - Proceedings of the 2nd International Symposium on Computer, Communication, Control and Automation (ISCCCA 2013) PB - Atlantis Press SP - 785 EP - 787 SN - 1951-6851 UR - https://doi.org/10.2991/isccca.2013.197 DO - 10.2991/isccca.2013.197 ID - Lin2013/02 ER -