Implementation of Network Monitoring and Packets Capturing Using Random Early Detection (RED) Method
Abstract
The growing number of users and the development of
applications that use computer networks or the internet have
increased the amount of data transferred through the
network. This increase in data transfer in turn increases
traffic (data flow). A monitoring system is needed to analyze
a computer network by capturing the flow of network data
packets. In this study, the monitoring system analyzed and
identified types of flooding and packet loss using the random early
detection (RED) algorithm. The RED method compares the counter
value for each packet type with a user-defined threshold value. The
monitoring and packet capturing system was implemented on the
campus wireless LAN network at the University of Sumatra
Utara during active hours. The system was run for several
consecutive days, and the results showed that
the active packets included TCP, UDP, and Ethernet.
The most common intrusion mode detected was TCP/SYN
flooding and packet loss (97.04%) on TCP packets, with a loss
percentage in the network of around 8.837%.