The continuing rise of network security threats and network attacks has motivated accelerated studies on
network forensics. Typically, data collected in a networked system is used to investigate security threats.
One of the principles and techniques of network security is packet analysis, a branch of network
security that studies insecure protocols. In order to help with forensic investigation and facilitate the fight
against security and privacy threats, we carried out an active inspection of network packets on a BitTorrent
client. This paper proposes a capture and analysis technique for network packets using Wireshark. Network
traffic of P2P networks was monitored, captured, and analyzed. The analysis results showed that the proposed
technique successfully identified the source and location of threats on the network, which can be verified as
credible digital evidence for forensic investigations.
Keywords: Wireshark, Peer-to-Peer Networks, Packet Sniffing, Packet Capture.
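The capture-and-analysis step the abstract describes can be reproduced outside the Wireshark GUI, which is useful when the same check has to run repeatedly over many captures. The following stdlib-only Python script is an added illustration and is not code from the paper: it reads a classic pcap file (Ethernet link type), extracts the TCP payload of each IPv4 packet, and reports every peer that sends a BitTorrent handshake, i.e. the source address, port and info_hash that the paper treats as evidence of where traffic originated. The pcap bytes are constructed in memory for the example (documentation IP ranges, a made-up info_hash and peer_id) so it runs offline; in practice you would pass the bytes of a file saved from Wireshark or tcpdump.

```python
"""Find BitTorrent handshakes in a pcap and report the originating peers (added example, not from the paper)."""
import struct
from ipaddress import IPv4Address

BT_PSTR = b"BitTorrent protocol"           # protocol string that opens every BitTorrent handshake
HANDSHAKE_LEN = 1 + len(BT_PSTR) + 8 + 20 + 20  # pstrlen + pstr + reserved + info_hash + peer_id = 68


def parse_handshake(payload):
    """Return (info_hash_hex, peer_id) if the payload starts with a BitTorrent handshake, else None."""
    if len(payload) < HANDSHAKE_LEN or payload[0] != len(BT_PSTR) or payload[1:20] != BT_PSTR:
        return None
    return payload[28:48].hex(), payload[48:68]


def iter_pcap_tcp(pcap_bytes):
    """Yield (src_ip, src_port, dst_ip, dst_port, payload) for each IPv4/TCP packet in a classic pcap."""
    (magic,) = struct.unpack_from("<I", pcap_bytes, 0)
    endian = "<" if magic == 0xA1B2C3D4 else ">"   # pcap magic tells us the writer's byte order
    (linktype,) = struct.unpack_from(endian + "I", pcap_bytes, 20)
    if linktype != 1:
        raise ValueError("only LINKTYPE_ETHERNET (1) is handled in this example")
    off = 24                                       # global header is 24 bytes
    while off + 16 <= len(pcap_bytes):
        _ts_sec, _ts_usec, incl_len, _orig_len = struct.unpack_from(endian + "IIII", pcap_bytes, off)
        off += 16
        frame = pcap_bytes[off:off + incl_len]
        off += incl_len
        if len(frame) < 34 or frame[12:14] != b"\x08\x00":
            continue                               # not IPv4
        ihl = (frame[14] & 0x0F) * 4
        if frame[23] != 6:
            continue                               # not TCP
        ip = frame[14:14 + ihl]
        src, dst = str(IPv4Address(ip[12:16])), str(IPv4Address(ip[16:20]))
        tcp = frame[14 + ihl:]
        sport, dport = struct.unpack_from(">HH", tcp, 0)
        data_off = (tcp[12] >> 4) * 4
        yield src, sport, dst, dport, tcp[data_off:]


def find_bittorrent_peers(pcap_bytes):
    """Return one record per packet carrying a BitTorrent handshake: who sent it, to where, for which torrent."""
    peers = []
    for src, sport, dst, dport, payload in iter_pcap_tcp(pcap_bytes):
        hs = parse_handshake(payload)
        if hs:
            peers.append({"src": src, "sport": sport, "dst": dst, "dport": dport,
                          "info_hash": hs[0], "peer_id": hs[1]})
    return peers


# --- constructed sample capture (no real hosts; documentation address ranges) ---
def _build_frame(src, sport, dst, dport, payload):
    eth = b"\x00" * 12 + b"\x08\x00"               # zero MACs, EtherType IPv4
    tcp = struct.pack(">HHIIBBHHH", sport, dport, 0, 0, 5 << 4, 0x18, 65535, 0, 0) + payload
    ip = struct.pack(">BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0, 0, 64, 6, 0,
                     IPv4Address(src).packed, IPv4Address(dst).packed)
    return eth + ip + tcp


def build_sample_pcap():
    """Two packets: an ordinary HTTP request and a BitTorrent handshake with a made-up info_hash/peer_id."""
    handshake = bytes([19]) + BT_PSTR + b"\x00" * 8 + bytes(range(20)) + b"-XX0001-constructed0"
    frames = [
        _build_frame("10.0.0.5", 51000, "192.0.2.10", 80, b"GET / HTTP/1.1\r\nHost: example\r\n\r\n"),
        _build_frame("10.0.0.5", 51001, "198.51.100.7", 6881, handshake),
    ]
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for i, f in enumerate(frames):
        out += struct.pack("<IIII", 1_700_000_000 + i, 0, len(f), len(f)) + f
    return out


if __name__ == "__main__":
    for p in find_bittorrent_peers(build_sample_pcap()):
        print(f"{p['src']}:{p['sport']} -> {p['dst']}:{p['dport']}  info_hash={p['info_hash']}")
```

The `parse_handshake` check mirrors what Wireshark's BitTorrent dissector does when you apply the `bittorrent` display filter; keeping the logic in a script lets the same evidence (source address, port, info_hash, timestamps from the record headers) be extracted consistently across many captures and cross-checked against the GUI view.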