Call for Paper - July 2023 Edition
IJCA solicits original research papers for the July 2023 Edition. Last date of manuscript submission is June 20, 2023. Read More

Evaluation of the Capabilities of WireShark as a tool for Intrusion Detection

International Journal of Computer Applications
© 2010 by IJCA Journal
Number 7 - Article 1
Year of Publication: 2010
Usha Banerjee
Ashutosh Vashishtha
Mukul Saxena

Usha Banerjee, Ashutosh Vashishtha and Mukul Saxena. Article:Evaluation of the Capabilities of WireShark as a tool for Intrusion Detection. International Journal of Computer Applications 6(7):1–5, September 2010. Published By Foundation of Computer Science. BibTeX

	author = {Usha Banerjee and Ashutosh Vashishtha and Mukul Saxena},
	title = {Article:Evaluation of the Capabilities of WireShark as a tool for Intrusion Detection},
	journal = {International Journal of Computer Applications},
	year = {2010},
	volume = {6},
	number = {7},
	pages = {1--5},
	month = {September},
	note = {Published By Foundation of Computer Science}


This paper illustrates the functionality of Wireshark as a sniffing tool in networks. This has been proven by an experimental setup which depicts the efficiency of detection of a malicious packet in any network. Testing has been achieved through experimentation on a real time network analyzed by Wireshark. Inferences have been made which clearly depict Wireshark’s capabilities highlighting it as a strong candidate for future development into a robust intrusion detection system. This paper highlights the working of Wireshark as a network protocol analyzer and also accentuates its flexibility as an open source utility to allow developers to add possible functionalities of intrusion detection devices in it.


  • Roesch M (1999) Snort - Lightweight Intrusion Detection for Networks. In Proceedings of Thirteenth Systems Administration Conference (LISA), pp 229-238.
  • Stolze M, Pawlitzek R and Hild S (2003a) Task Support for Network Security Monitoring. In ACM CHI Workshop on System Administrators Are Users, Too: Designing Workspaces for Managing Internet-Scale Systems.
  • Lee W, Stolfo SJ and Mok KW (2000) Adaptive Intrusion Detection: A Data Mining Approach. Artificial Intelligence Review 14(6), 533-567.
  • Stolze M, Pawlitzek R and Wespi A (2003b) Visual Problem-Solving Support for New Event Triage in Centralized Network Security Monitoring: Challenges, Tools and Benefits. In GI-SIDAR conference IT-Incident Management and IT-Forensics (IMF).
  • Pinkas, B., Sander, T.: Securing passwords against dictionary attacks Proceedings of the 9th ACM conference on Computer and communications security Washington, DC, USA (2002 ) 161-170
  • Madsen, P., Koga, Y., Takahashi, K.: Federated identity management for protecting users from ID theft Proceedings of the 2005 workshop on Digital identity management Fairfax, VA, USA (2005) 77-83
  • Gouda, M.G., Liu, A.X., Leung, L.M., Alam, M.A.: Single Password, Multiple Accounts. Proceedings of 3rd Applied Cryptography and Network Security Conference (industry track), New York City, New York (2005)
  • Luo, H., Henry, P.: A common password method for protection of multiple accounts. 14th IEEE International Symposium on Personal, Indoor and Mobile Radio Communications, Vol. 3 (2003) 2749 - 2754
  • Gaw, S., Felten, E.W.: Password management strategies for online accounts. Proceedings of the second symposium on Usable privacy and security ACM Press, Pittsburgh, Pennsylvania (2006) 44-55
  • Riley, S.: Password Security: What Users Know and What They Actually Do. Usability News, Vol. 2006. Software Usability Research Laboratory, Department of Psychology, Wichita State University, Wichita (2006)
  • S. R. Snapp, J. Brentano, G. V. Dias, T. L. Goan, L. T. Heberlein, C. Ho, K. N. Levitt, B. Mukherjee, S. E. Smaha, T. Grance, D. M. Teal and D. Mansur, DIDS (Distributed Intrusion Detection System) Motivation, Architecture and Early Prototype, Proceeding 14th National Computer Security Conference, pg. 167 176, 1991
  • S. James P. Anderson, Computer security threat monitoring and surveillance” ,Technical report, Fort Washington, PA, April 1980
  • Stephen E. Smaha, ”Haystack: An intrusion detection system”, In Proceedings of the Fourth Aerospace Computer Security Applications Conference, pages 37-44, December 1988.
  • L. Todd Heberlein, Gihan V. Dias, Karl N. Levitt, Biswanath Mukherjee, Jeff Wood, and David Wolber, ”A network security monitor”, In Proceedings of the 1990 IEEE Symposium on Research in Security and Privacy, pages 296-304, May 1990.