Порівняльний аналіз засобів виявлення шкідливих мережних пакетів

Abstract

This work presents a comparative analysis of current network packet analyzers, addressing the increasing complexity of network infrastructures and the growing demand for effective cybersecurity monitoring. In light of rising cyber threats, the research emphasizes the necessity for a comprehensive approach to traffic analysis that not only deciphers detailed protocol data but also offers intuitive monitoring for a broad range of users. An evaluation of popular tools, such as Wireshark, Tcpdump, Nmap, Kismet, NetworkMiner, and SolarWinds Network Performance Monitor, reveals unique strengths and limitations pertinent to various operational environments. The work identifies key criteria for efficiency, including performance, analysis depth, user-friendliness, protocol support, cost, and platform independence.