Re: Selecting certain bits from a TCP header

I think you’re going to have a kernel-level software component to do that, e.g. the privileged interfaces that are tapped by a program such as Ethereal.

Statistical analysis of the thus-recovered data stream probably could be done in-part with Perl. (I say, “in part,” because Perl’s job would be to extract the bit-sequences for subsequent analysis by established programs such as R.)

Replies are listed 'Best First'.
Re^2: Selecting certain bits from a TCP header by rspishock (Monk) on Aug 22, 2011 at 19:57 UTC
Thanks for your advice. As this is partially just a project for myself, I am also considering using this to help research a paper of forensic detection of network based steganography. My intention is to generate known carrier packets from one test VM and send them to another test VM while collecting them through wireshark. The main part of this is pretty clear, however, the hard part is coming up with the script which I may use. However, your advice has been helpful, and I'll take a look at R when I get home to see how I can use it. Thanks again for the advice.	[reply]

Replies are listed 'Best First'.

Re^2: Selecting certain bits from a TCP header
by rspishock (Monk) on Aug 22, 2011 at 19:57 UTC

Thanks for your advice.

As this is partially just a project for myself, I am also considering using this to help research a paper of forensic detection of network based steganography. My intention is to generate known carrier packets from one test VM and send them to another test VM while collecting them through wireshark. The main part of this is pretty clear, however, the hard part is coming up with the script which I may use.

However, your advice has been helpful, and I'll take a look at R when I get home to see how I can use it.

Thanks again for the advice.

[reply]