Student: Gürcan GERÇEK (TR)
Primary mentor: Oğuz Yarımtepe (TR)
Backup mentor: Adam Pridgen (US), Nicolas Collery (FR/SG)
Google Melange: https://www.google-melange.com/gsoc/proposal/review/google/gsoc2013/ggercek/1
This project aims to analyze traffic data in a more human-readable way. It will analyze the information at the application level and display the assembled information. It will help you analyze malware inside the traffic as well as anomalies. This project is an improvement to the https://github.com/oguzy/ovizart project in the scope of Google Summer of Code 2013.
May 27th - June 17th: Community Bonding Period
June 17th: GSoC 2013 coding officially starts
June 17th - June 24th: Initial folder structure & Core design coding and documentation, pcap parser module
June 24th - July 1st: TCPFlow integration, Re-assembly and basic tagger module structure
July 1st - July 15th: DB integration, Tagger module: more protocol signatures
July 15th - July 22nd: Built-in HTTP server and Rest API support for basic CLI implementation
July 22nd - July 29th: Integration & Testing for midterm evaluation
July 29th - August 19th: Online traffic analysis
August 5th - August 19th: Web UI Implementation, authentication
August 19th - August 26th: Visualization features
August 26th - September 2nd: Interactive shell
September 2nd - September 9th: Dynamic analyzer addition
September 9th - September 16th: Documentation & Testing
Project Source Code Repository: https://github.com/honeynet/ovizart-ng
Student Weekly Blog: http://gsoc2013.honeynet.org/author/gurcangercek/
Project Useful Links:
- 17.06.2013 - 24.06.2013
  - Design Summary documented.
  - Core module implemented. Decorators and basic unit tests.
  - Sample analyzer added to the system.
  - Pcap parser with simple session separation implemented.
  - Tcpflow integration: We decided not to use the tcpflow application. We will implement our own reassembly module in a protocol-based manner. Project plan updated.
- 24.06.2013 - 01.07.2013
  - Reassembly module implemented using the justniffer project.
  - DataSource decorator improved.
  - Built-in web server implemented with REST API support and basic unit tests.