PDUs Header-Based Online User Behavior Detection Algorithm


Abstract:

The goal of this research is to present a detection algorithm for data interception between a Legitimate Access Point (LAP) and wireless devices that employs passive eavesdropping techniques, analyzing in real time the Protocol Data Unit (PDU) headers of specific Open Systems Interconnection (OSI) protocol layers: segment (transport layer), packet (network layer), and frame (data link layer). The designed algorithm takes advantage of a passive Man-in-the-Middle (MITM) system and avoids gathering sensitive information about the users connected to the network. The system focuses on requests from web browsers and apps on wireless devices to analyze the online behavior of users on the Internet using cybersecurity techniques. The research targets a small-scale wireless network to implement educational environments based on parental control in educational institutions (primary, secondary and higher education), promoting Information and Communication Technologies (ICT) security in virtual classrooms. The data acquisition process for the wireless devices uses the Dynamic Host Configuration Protocol (DHCP) and Domain Name System (DNS) services. It also analyzes the Transmission Control Protocol (TCP) control flags of the TCP three-way handshake to identify requests from web browsers and apps. Finally, preliminary test results are presented, demonstrating that each wireless device can be characterized using information based on PDU headers, and that these individual reports can be presented to teachers through an interactive dashboard.

Publication year:

2021

Keywords:

  • Wireless network
  • User behavior detection algorithm
  • Man-in-the-Middle attack

Source:

Google
Scopus

Document type:

Conference Object

Status:

Restricted access

Knowledge areas:

  • Algorithm

Subject areas:

  • Computer programming, programs, data, security