Network traffic analysis

Network traffic analysis is the method of identifying, analysing and recording network activity. This can encompass smaller internal networks (with the purpose of performance measurement, tracking security flaws or further information gathering for management) as well as general interconnected network surveillance on a wider scale.

Software for network traffic analysis can encompass a variety of options to gain a broader view on online developments. This can regard smaller (internal) networks, as well as the surveillance of bigger, global networks:

In a wider framework, network traffic analysis can locate, monitor and intercept as well as analyse communication and network activity of criminal organisations. A comprehensive analysis tool can reduce search time as well as costs, possibly increasing LEA operation success. It can also record important behaviour and protocol it, as well as performance and information about servers and applications.

Network visualization tools can extract network traffic data and transform gathered information into intuitive and supportive graphics. They further allow extracting virtual communities in communication networks, as well as analysing network structures and the creation of network maps.

Smaller network traffic analysing tools may also be used for internal monitoring, when it comes to shortcomings, missing updates or security issues. This is also a method for troubleshooting problems within the network and feature support for common problems.

Utilisation and application

Network traffic analysis plays a vital part in two distinctive areas: internal control for troubleshooting and wider network surveillance for security.

Internal networks of companies, institutions and organisations are always closely connected and interact with each other. Various tools exist that allow detailed visualisation of the network traffic, related to the users, protocols and applications. They also allow to identify vulnerabilities or fragmented applications and to actively manage these shortcomings within the network, as well as the surveillance of employees.

The most important aspect is network traffic monitoring for general security against criminal networks online by law enforcement agencies. Solutions in this regard focus on cyber-intelligence that can visualize traffic in real time, display areas of interest and can analyse structures and patterns. This is a crucial mechanic for law enforcement agencies, that need to be prepared for any kind of criminal online activity.

Types and models

Network visualization: To gather information is one aspect – to understand it is another.  Software frameworks for dynamic network visualization can support law enforcement agencies, analysts, researchers, members and coordinators, by providing intuitive and comprehensive access to network data.

Private network management:  Especially to monitor the own, smaller network connections inside and outside, a personal surveillance programme can be helpful. This can also be used to scan for vulnerabilities and applications that need licences or adjustments.

Target groups

Communication service providers, law enforcement agencies, police, governmental institutions, private companies with high network performance

Manufacturers, providers and brands

AQSACOM, OBSERVER, commetrix