The optimization of stepping stone detection : packet capturing steps

Abstract

This paper proposes an optimized packet capturing stone detection algorithm that can shorten the response time of overall response mechanism. The aim of the research is to improve the packet capturing step in stepping stone algorithm, thus, improve the response from overall detection and response system. The proposed method is to use small size of user buffer and kernel buffer. Experiments were conducted with two types of packet stream; i) 10 kbps and ii) 10 000 kbps data generated by Tfgen (packet generator) tools and nine combinations of different buffer sizes for each network packet stream were tested. Results from the experiment were analyzed. From the result, it is proven that the proposed method (by using small size of buffer) gives better result. The research concludes that by using the proposed method, the response time can be improved.