NTPAC - Network Traffic Packet Analysing Cluster
The result's identifiers
Result code in IS VaVaI
RIV/00216305:26230/18:PR32028 - isvavai.cz: https://www.isvavai.cz/riv?ss=detail&h=RIV%2F00216305%3A26230%2F18%3APR32028
Result on the web
https://github.com/nesfit/NTPAC
DOI - Digital Object Identifier
—
Alternative languages
Result language
English
Original language name
NTPAC - Network Traffic Packet Analysing Cluster
Original language description
The NTPAC tool is intended for distributed processing of captured computer network communication. Typical network forensic analysis of captured communication on a single machine is very resource-demanding and can be done only up to a specific limit, even with a very powerful machine; we solve this issue with distributed computation that scales horizontally. NTPAC processes data in the form of PCAP files with captured computer network communication, or it can intercept data directly on the wire. Each processed packet is inherently routed to a particular working node, which collects all the packets belonging to a particular conversation and performs defragmentation and reassembly, which are necessary preprocessing operations. Data are stored in a distributed Cassandra database. The actual extraction of application protocols occurs subsequently, after the data are stored in the database. This ensures a higher degree of fine-grained resource utilization and emphasizes the paramount role of complete data preprocessing and capture, so that no packet gets lost. We recognize two types of application protocols: text-based and binary. The text-based protocols are processed by handwritten application protocol parsers based on our stream interface, which serves preprocessed, reconstructed data. The binary protocols are processed by parsers that are automatically generated using the Kaitai tool. The combination of these approaches ensures easy extensibility of the NTPAC tool.
Czech name
—
Czech description
—
Classification
Type
R - Software
CEP classification
—
OECD FORD branch
10201 - Computer sciences, information science, bioinformatics (hardware development to be 2.2, social aspect to be 5.8)
Result continuities
Project
VI20172020062: Integrated platform for analysis of digital data from security incidents
Continuities
P - Research and development project financed from public funds (with a link to CEP)
Others
Publication year
2018
Confidentiality
S - Complete and true data about the project are not subject to protection under special legal regulations
Data specific for result type
Internal product ID
NTPAC
Technical parameters
For details of the licensing terms, contact: Ing. Vladimír Pavelka, Útvar transferu technologií VUT v Brně, Božetěchova 2, 612 66 Brno, 541 141 499
Economical parameters
For details of the licensing terms, contact: Ing. Vladimír Pavelka, Útvar transferu technologií VUT v Brně, Božetěchova 2, 612 66 Brno, 541 141 499
Owner IČO
—
Owner name
Fakulta informačních technologií