Derin paket inceleme (DPI), ağ paketlerini beş katmanlı ağ modelinde bulunan uygulama katmanına kadar analiz ederek ağda bulunan uygulama protokollerini tespit etmek için kullanılan ileri seviye bir paket tanımlama yöntemidir. Bu çalışmada DPI yöntemi kullanarak paket tanımlaması yapan açık kaynak kodlu nDPI kütüphanesi ele alınmıştır. Bu kütüphane üzerinden yeni uygulama protokolü tespiti ve eksikliği bulunan bazı protokollere de eklemeler sağlanarak alana katkıda bulunulması hedeflenmiştir. Ayrıca, nDPI tarafından yanlış kategorize edildiği tespit edilen ağ paketleri için yeni kural tanımlarının yapılarak bu gibi durumların düzeltilmesi sağlanmıştır. Tüm bunlar için, ağ trafiği Wireshark paket yakalama aracıyla kaydedilip paket içerikleri analiz edilerek yeni kurallar oluşturulmuş ve yeni bulunan uygulama protokolleri nDPI kütüphanesine eklenmiştir. Son olarak, nDPI’da uygulama protokolü tespiti için yapılan çalışmaların kısmi bir otomasyonu yazılmıştır.
Deep packet inspection (DPI) is a an advanced packet identification method used to detect application protocols found in the network by analyzing network packets up to the application layer in the five-layer network model. In this study, the open source nDPI library, which uses DPI method to identify packets, is discussed. It is aimed to contribute to the field by detecting new application protocols and adding some missing protocols through this library. In addition, new rule definitions were made for network packets that were found to be miscategorized by nDPI, and such cases were corrected. For all these, network traffic was recorded with Wireshark packet capture tool, packet contents were analyzed, new rules were created and newly found application protocols were added to the nDPI library. Finally, a partial automation of the work done for the application protocol detection in nDPI was written.
Primary Language | Turkish |
---|---|
Subjects | Engineering |
Journal Section | Makaleler(Araştırma) |
Authors | |
Early Pub Date | October 22, 2023 |
Publication Date | November 20, 2023 |
Published in Issue | Year 2023 Volume: 16 Issue: 2 |
Article Acceptance
Use user registration/login to upload articles online.
The acceptance process of the articles sent to the journal consists of the following stages:
1. Each submitted article is sent to at least two referees at the first stage.
2. Referee appointments are made by the journal editors. There are approximately 200 referees in the referee pool of the journal and these referees are classified according to their areas of interest. Each referee is sent an article on the subject he is interested in. The selection of the arbitrator is done in a way that does not cause any conflict of interest.
3. In the articles sent to the referees, the names of the authors are closed.
4. Referees are explained how to evaluate an article and are asked to fill in the evaluation form shown below.
5. The articles in which two referees give positive opinion are subjected to similarity review by the editors. The similarity in the articles is expected to be less than 25%.
6. A paper that has passed all stages is reviewed by the editor in terms of language and presentation, and necessary corrections and improvements are made. If necessary, the authors are notified of the situation.
. This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.