Published November 30, 2024 | Version CC-BY-NC-ND 4.0
Journal article Open

Network Threat Detection and Modelling

  • 1. BE Student, Department of Computer Science and Engineering, RV College of Engineering, Bengaluru (Karnataka), India.
  • 2. BE Student, Department of Electronics and Communication Engineering, RV College of Engineering, Bengaluru (Karnataka), India.
  • 3. Professor and Associate Dean, Department of Computer Science and Engineering, RV College of Engineering, Bengaluru (Karnataka), India.
  • 4. Associate Professor, Department of Electronics and Communication and Engineering, RV College of Engineering, Bengaluru (Karnataka), India.

Description

Abstract: Network threat detection and modelling are critical aspects of network security in an organization, since the many devices connecting to the internet can be vulnerable. Network attacks are unauthorized actions on the digital assets within an organizational network. Malicious parties usually execute network attacks to alter, destroy, or steal private data. Perpetrators of network attacks tend to target network perimeters to gain access to internal systems. In this project, the incoming and outgoing network traffic of the several devices in an organization is analyzed, and their security is determined and made easy to visualize so that the security analyst can take the necessary action. First, network-traffic-related information is collected from the assets or endpoints in an organization that are exposed to the external world. These assets hold data related to the external world in the form of the IP addresses of the domains or traffic they connect to or accept. These IP addresses are processed to obtain the actual location and domain, which are used to visualize the geographical location of incoming and outgoing traffic. Some data, such as port numbers, are also collected to determine whether the protocols being used by the assets are secure, and vulnerable port numbers are displayed in the user interface so that the security analyst can take the necessary action. For threat detection in this project, standard compliance benchmarks such as the CIS (Center for Internet Security) benchmarks are used to determine the network vulnerabilities in the assets that can easily be attacked, and the firewall configurations and other network configurations are verified against these standards. Any required check or compliance item that fails is indicated as a threat in the UI, so that the security analyst can take the necessary action on the particular asset that has a security breach or is vulnerable.

Files

H96290712823.pdf

Files (406.2 kB)

md5:6078d8bc826a38df3e8398d24b5423f2

Additional details

Dates

Accepted
2024-11-15
Manuscript received on 01 June 2024 | Revised Manuscript received on 21 October 2024 | Manuscript Accepted on 15 November 2024 | Manuscript published on 30 November 2024.
