This project demonstrates fundamental UDP socket programming concepts and explores potential security implications of UDP-based data transfer. It includes implementations of UDP ping utilities, heartbeat monitoring, and a proof-of-concept file exfiltration tool that highlights data security concerns.
- Assignment Background
- Project Components
- Features
- Installation & Setup
- Usage Examples
- Screenshots & Demonstration
- File Transfer Protocol
- Security Implications
- Project Structure
- Educational Context
- License
- Disclaimer
This project is based on the UDP Pinger Lab from the Kurose & Ross "Computer Networking: A Top-Down Approach" textbook programming assignments.
- Original Assignment: Kurose-Ross Programming Assignments
- Base Requirements: See
UDP_Pinger_programming_lab_only.pdf
This implementation extends the original UDP Pinger assignment with:
- UDP Heartbeat monitoring for application health tracking
- Multi-packet file transfer protocol with session management
- File exfiltration proof-of-concept demonstrating security vulnerabilities
- ACK/retry mechanism for reliable UDP transfer
- Comprehensive statistics and progress tracking
Standard UDP ping client-server implementation demonstrating:
- Basic UDP socket programming
- Round-trip time (RTT) calculation
- Packet loss simulation (30%)
- Timeout handling
Files: UDPPingerClient.py, UDPPingerServer.py
Application health monitoring system featuring:
- Periodic heartbeat messages
- One-way packet loss detection
- Client health status tracking
- Configurable packet loss simulation
Files: UDPHeartbeatClient.py, UDPHeartbeatServer.py
Proof-of-concept demonstrating data exfiltration capabilities:
- Multi-packet file transfer over UDP
- Session management with unique IDs
- Reliable transfer with ACK/retry mechanism
- Automatic file reconstruction
- Progress tracking and statistics
Files: UDPFileExfilClient.py, UDPFileExfilServer.py
- Send 10 ping messages to server
- Calculate and display RTT for each packet
- Handle packet loss gracefully
- Display comprehensive statistics (min/max/avg RTT, packet loss rate)
- Configurable heartbeat intervals
- Sequence number tracking
- Lost packet detection and reporting
- Client timeout detection
- Optional packet loss simulation
- Transfer files of any size via UDP
- Automatic chunking for large files (3KB chunks)
- Session-based file transfer protocol
- ACK/retry mechanism for reliability
- Progress tracking with detailed output
- Automatic file reconstruction on server
- Python 3.6 or higher
- No external dependencies (uses standard library only)
git clone https://github.com/yourusername/udp-network-tools.git
cd udp-network-tools# Terminal 1: Start the server
python UDPPingerServer.py
# Terminal 2: Run the client
python UDPPingerClient.py# Terminal 1: Start the server
python UDPHeartbeatServer.py
# Terminal 2: Run the client
python UDPHeartbeatClient.py# Terminal 1: Start the server
python UDPFileExfilServer.py
# Terminal 2: Run the client
python UDPFileExfilClient.py
# Choose option 2 to exfiltrate a file
# Enter the file path when prompted$ python UDPPingerClient.py
UDP Pinger Client
==================================================
Reply from ('127.0.0.1', 12000): PING 1 1705968234.123456
RTT: 0.001234 seconds
Reply from ('127.0.0.1', 12000): PING 2 1705968235.234567
RTT: 0.001456 seconds
Request timed out for Ping 3
==================================================
Ping Statistics:
Packets: Sent = 10, Received = 7, Lost = 3
Packet Loss Rate: 30.0%
Round Trip Times:
Minimum: 0.001234 seconds
Maximum: 0.002345 seconds
Average: 0.001678 seconds
$ python UDPHeartbeatClient.py
UDP Heartbeat Client
======================================================================
Simulate packet loss? (y/n): n
Server: 127.0.0.1:12000
Heartbeat interval: 1.0 seconds
Total heartbeats to send: 20
Packet loss simulation: DISABLED
======================================================================
[SENT] Heartbeat #1 at 14:30:45
[SENT] Heartbeat #2 at 14:30:46
[SENT] Heartbeat #3 at 14:30:47
...
$ python UDPFileExfilClient.py
UDP File Exfiltration Client - Security Demonstration
============================================================
Options:
1. Send regular pings (10 pings)
2. Exfiltrate a file
3. Exit
Enter choice (1-3): 2
Enter file path to exfiltrate: document.txt
============================================================
Exfiltrating file: document.txt
Session ID: a1b2c3d4
File size: 8500 bytes
Total packets: 3
============================================================
[START] File transfer initialized
[SENT] Packet 1/3 (3000 bytes)
[SENT] Packet 2/3 (3000 bytes)
[SENT] Packet 3/3 (2500 bytes)
============================================================
[SUCCESS] File exfiltration complete!
UDP Pinger demonstrating RTT calculation and 30% packet loss simulation
Complete ping statistics showing min/max/avg RTT and packet loss rate
Successful exfiltration of secret.txt (117 bytes) in single packet
Session-based transfer with unique session ID for tracking
Demonstrating UDP unreliability - transfer failure scenario
Exfiltrated file successfully reconstructed on server with identical contents
Secret2.txt containing confidential employee database (17,227 bytes)
Large file split into multiple packets with successful reconstruction
Another successful file exfiltration demonstrating reliability
A comprehensive video demonstration covering:
UDP Heartbeat Monitor:
- Periodic heartbeat transmission
- Sequence number tracking
- Lost packet detection and reporting
- One-way delay calculation
- Client timeout scenarios
- Configurable packet loss simulation
Packet Loss Scenarios:
- Server-side 30% packet loss simulation
- Client-side simulated packet drops
- Impact on heartbeat monitoring
- Statistical analysis of loss rates
- Recovery and detection mechanisms
Watch Full Demo Video (5 minutes)
The video provides a complete walkthrough of the UDP Heartbeat system, demonstrating how applications can monitor connectivity, detect packet loss, and handle unreliable network conditions.
The file exfiltration tool uses a custom protocol over UDP:
| Message Type | Description | Fields |
|---|---|---|
| FILE_START | Initialize transfer session | session_id, filename, total_packets |
| FILE_DATA | Transfer file chunks | session_id, packet_num, data (up to 3KB) |
| FILE_END | Finalize transfer | session_id |
| ACK | Acknowledgment | packet_num |
| COMPLETE | Transfer status | status (success/failure) |
Client Server
| |
|-------- FILE_START --------->|
|<---------- ACK --------------|
| |
|-------- FILE_DATA (1) ------>|
|<---------- ACK --------------|
| |
|-------- FILE_DATA (2) ------>|
|<---------- ACK --------------|
| |
|-------- FILE_END ----------->|
|<-------- COMPLETE -----------|
This project demonstrates that UDP can be used to transfer data outside a network, which has important security implications:
- Data Exfiltration: Files can be transmitted via UDP packets that may bypass certain firewall rules
- Protocol Tunneling: Legitimate-looking network traffic (pings/heartbeats) can carry hidden data
- Covert Channels: UDP's simplicity makes it suitable for covert communication channels
- Firewall Evasion: UDP traffic may be less scrutinized than TCP in some network configurations
Organizations should consider:
- Deep Packet Inspection (DPI) for UDP traffic
- Rate limiting on ICMP/UDP packets
- Network behavior analysis and anomaly detection
- Application-layer firewalls
- Comprehensive logging and monitoring of UDP traffic
- Egress filtering to control outbound traffic
udp-network-tools/
├── README.md
├── .gitignore
├── UDP_Pinger_programming_lab_only.pdf
├── UDPPingerClient.py
├── UDPPingerServer.py
├── UDPHeartbeatClient.py
├── UDPHeartbeatServer.py
├── UDPFileExfilClient.py
├── UDPFileExfilServer.py
├── screenshots/
│ ├── basic_ping_1.png
│ ├── basic_ping_2.png
│ ├── secret.txt.png
│ ├── exfiltrate_secret_success.png
│ ├── exfiltrate_secret_failure.png
│ ├── exfiltrated_file_on_server.png
│ ├── large_file_to_be_exfiltrated.png
│ ├── secret2_exfiltrated.png
│ └── exfiltrate_success_2.png
└── demo/
└── udp_heartbeat_demo.mov
This project was developed as part of a computer networking course to understand:
- UDP socket programming fundamentals
- Network protocol design and implementation
- Packet loss handling and reliability mechanisms
- Security implications of network protocols
- Practical cybersecurity concepts
- Understand connectionless vs connection-oriented protocols
- Implement timeout and retry mechanisms
- Calculate network performance metrics (RTT, packet loss)
- Design custom application-layer protocols
- Recognize security vulnerabilities in network applications
IMPORTANT: The file exfiltration components are proof-of-concept demonstrations for educational and security research purposes only.
- Unauthorized use of these techniques to exfiltrate data from networks you don't own or have permission to test is illegal and unethical
- Only use in controlled environments with proper authorization
- Intended for educational purposes, security research, and authorized penetration testing
- Understanding these techniques helps in building better defenses
By using this software, you agree to use it responsibly and in accordance with all applicable laws and regulations.
Course: Computer Networks CS-GY 6843
Academic Year: Fall 2025
Institution: NYU Tandon