Raspberry Pi & Local Area Network Monitoring

This project isn't specific to the Raspberry Pi but, following on from our Raspberry Pi Bluetooth project we thought it might be useful to see what monitoring could be done on our home Local Area Network (LAN) and what useful data we could gather from it. Note that this project has big privacy implications and whilst we were trying to see what is technically possible, this doesn't mean we will necessarily leave it collecting all of the data described here.


With the 'Wheezy' OS install we had to install the arp-scan tool using the command:
sudo apt-get install arp-scan.

Once installed, we can run a basic arp-scan command:
sudo arp-scan --localnet

This command has to be run as root and it returns a list of devices on the local network, with IP address, MAC address and the exposed name of the device. We initially wrote a simple script that repeats this command every 30 seconds and processes the resulting output, one line at a time. The software looked for new or unknown devices on the network and then reported them. It also checked for devices going missing from the network and reported them.

We have since written some Java code for our HCS to provide accurate presence information and monitor and log devices on and off our home network. This uses a devices class that models all the networked devices in our home. It also models the devices in terms of ownership, type of device and persistence on the network. Whilst wired devices connected via Ethernet cables appear to have a persistent presence on the local network, wireless devices appear to come and go. Devices like iPhone's will often not appear for some time, if they are not used. To counteract this, we have implemented a threshold value for each device, which is used to determine if it really has been removed from the network.


We will be publishing our code here very soon. For security reasons we will be removing all references to our devices and service passwords.


This is a very effective way of determining presence of device on our home network. Because wireless devices do not always appear on network, those that are associated with a person and are carried at all times (e.g. personal Smartphones), provide a presence 'ping' to update our Home Control System (HCS) understanding of who is in or out. This makes it very timely and it works well with our 'wasp in a box' model. This model assumes that devices are not seen again once the front door is closed.

In terms of logging the coming and going of devices, it is desirable to use a cumulative counter to detect a sequence of scans where the device is not present. This introduces a delay in detecting devices leaving but greatly improves the accuracy. This method can then be used to detect devices being removed from the network (or the home) and take appropriate action.

The slightly scary thing about this project is that initially we kept discovering new networked devices! We have managed to identify them all now and have over 100 in total. Our HCs now sends an alert when an unknown device is connected.

Our software allows us to track how long devices are used for, so usage of things like the children's Smart TVs and games consoles can be monitored.

Share ...
We are on ...
Facebook Twitter
YouTube Flickr Follow us on Pinterest