Atheris - A Workbench to Analyze Internet Traffic
The open source traffic analyzer Atheris has been designed to monitor network traffic and to visualize its inherent properties. It can be applied to perform passive and active traffic measurements at the packet layer, data extraction, flow analysis and the visual inspection of relevant statistical traffic characteristics.
Atheris has been developed in Java 1.6 due to its platform independence and the availability of suitable libraries, e.g. Libpcap  and its Windows counterpart WinPcap . The latter intercept the packets from the kernel space and copy them to the user space, such that traffic analyzers can dissect and store the packets. As Libpcap respectively WinPcap are written in C, one needs a wrapper to get the packets into Java. The first version of Atheris used Jpcap  as Java wrapper of the libraries libpcap and WinPcap. Since the development of Jpcap has been discontinued and we encountered serious limitations and bugs, we have migrated Atheris to jNetPcap , which serves now as wrapper of libpcap.
The new multithreaded version of Atheris includes new functionality such as a redesigned GUI and an improved workbench functionality. It is now possible to export the packets of selected flows or conversations to Wireshark or to CSV files. As part of our ongoing work this functionality will be extended to incorporate the export to SQL databases and the statistical software R. Finally, the addition of new plots to Atheris has been simplified. Due to its modular architecture, existing plots can be easily extended. To add a new plot, only one interface needs to be implemented. After the completion of the migration to the wrapper jNetPcap, a stable open source version of Atheris is available now, see .
To the best of our knowledge, Atheris is the first publicly available multi-threaded JAVA implementation of a graphical traffic analyzer.
Future releases will incorporate P2P functionality to enable the monitoring of applications in a fully distributed manner.