
2017 | OriginalPaper | Chapter

Analyzing and Detecting Network Intrusion Behavior Using Packet Capture

Authors : Zahidan Zabri, Puteri N. E. Nohuddin

Published in: Advances in Visual Informatics

Publisher: Springer International Publishing


Abstract

Network intrusion is one of the serious computer network security issues faced by almost all organizations and industries around the world. The big problem is that companies still have poor security controls for keeping their networks in good condition. Unfortunately, management takes the simplest route by placing heavy responsibility on the network administrator rather than bearing the high cost of a proper computer security setup. This paper describes a preliminary study proposing a technique for analyzing network intrusion using packet capture integrated with a Network Intrusion Behavior Analysis Engine. The technique analyzes whether a network flow is healthy or malicious. The study consists of several components for implementing an effective and efficient network analysis mechanism. An Artificial Neural Network is selected as the main method for the behavior analysis engine. The analysis result is then illustrated using an enhanced visualization method that gives network administrators more knowledge and understanding for effectively monitoring network traffic.
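The pipeline the abstract sketches, packet capture feeding a behaviour analysis engine that labels flows as healthy or malicious, as an added example that is not the paper's code or its engine. It builds a small libpcap file inline (a port scan, an SMB host sweep and two ordinary web sessions, all constructed), parses it back into TCP packets, aggregates per-source behaviour features, and trains a single logistic neuron (the smallest artificial neural network) to label each source. The packet layout, the three features, the labels and the 0.5 threshold are assumptions of this example; a real engine would use far more features and a trained multi-layer network.

```python
"""Added example, not the paper's code: pcap parsing -> per-source behaviour
features -> one logistic neuron. The capture, the three features, the labels
and the threshold are all assumptions constructed for this example."""
import math
import struct
from collections import defaultdict

PCAP_MAGIC, LINKTYPE_ETHERNET, IPPROTO_TCP = 0xA1B2C3D4, 1, 6
SYN, ACK, PSH, FIN = 0x02, 0x10, 0x08, 0x01


def build_pcap(packets):
    """Serialise (src, dst, sport, dport, flags, payload_len) tuples as a little-endian
    pcap of Ethernet/IPv4/TCP frames (MAC addresses and checksums left zero)."""
    ip4 = lambda a: bytes(int(o) for o in a.split("."))
    out = struct.pack("<IHHiIII", PCAP_MAGIC, 2, 4, 0, 0, 65535, LINKTYPE_ETHERNET)
    for ts, (src, dst, sport, dport, flags, plen) in enumerate(packets):
        tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, flags, 65535, 0, 0)
        tcp += b"\x00" * plen
        ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0, 0, 64,
                         IPPROTO_TCP, 0, ip4(src), ip4(dst))
        frame = b"\x00" * 12 + b"\x08\x00" + ip + tcp          # EtherType 0x0800 = IPv4
        out += struct.pack("<IIII", ts, 0, len(frame), len(frame)) + frame
    return out


def parse_pcap(data):
    """Yield one dict per TCP packet; non-IPv4 and non-TCP frames are skipped."""
    if struct.unpack("<I", data[:4])[0] != PCAP_MAGIC:
        raise ValueError("only little-endian pcap is handled in this example")
    off = 24
    while off + 16 <= len(data):
        ts, _, incl, _ = struct.unpack("<IIII", data[off:off + 16])
        frame = data[off + 16:off + 16 + incl]
        off += 16 + incl
        if frame[12:14] != b"\x08\x00":
            continue
        ip = frame[14:]
        ihl = (ip[0] & 0x0F) * 4
        if ip[9] != IPPROTO_TCP:
            continue
        tcp = ip[ihl:struct.unpack("!H", ip[2:4])[0]]        # bounded by IP total length
        sport, dport = struct.unpack("!HH", tcp[:4])
        yield {"ts": ts, "src": ".".join(map(str, ip[12:16])),
               "dst": ".".join(map(str, ip[16:20])), "sport": sport, "dport": dport,
               "flags": tcp[13], "payload": len(tcp) - (tcp[12] >> 4) * 4}


def extract_features(packets):
    """Per source host: (distinct (dst, port) targets capped at 10 and scaled to
    [0, 1]; share of bare-SYN packets; share of packets carrying no payload)."""
    by_src = defaultdict(list)
    for p in packets:
        by_src[p["src"]].append(p)
    feats = {}
    for src, pkts in by_src.items():
        n = len(pkts)
        targets = len({(p["dst"], p["dport"]) for p in pkts})
        feats[src] = (min(targets, 10) / 10.0,
                      sum(p["flags"] == SYN for p in pkts) / n,
                      sum(p["payload"] == 0 for p in pkts) / n)
    return feats


def neuron(x, w, b):
    """Logistic unit; the clamp keeps math.exp from overflowing on large weights."""
    z = max(-60.0, min(60.0, sum(wi * xi for wi, xi in zip(w, x)) + b))
    return 1.0 / (1.0 + math.exp(-z))


def train_neuron(xs, ys, epochs=2000, lr=0.5):
    """Fit one logistic neuron by deterministic stochastic gradient descent."""
    w, b = [0.0] * len(xs[0]), 0.0
    for _ in range(epochs):
        for x, y in zip(xs, ys):
            err = neuron(x, w, b) - y
            w = [wi - lr * err * xi for wi, xi in zip(w, x)]
            b -= lr * err
    return w, b


def session(client, port, cport, req, resp, server="10.0.0.20"):
    """Constructed benign session: handshake, one request, one response, client FIN."""
    c, s = client, server
    return [(c, s, cport, port, SYN, 0), (s, c, port, cport, SYN | ACK, 0),
            (c, s, cport, port, ACK, 0), (c, s, cport, port, PSH | ACK, req),
            (s, c, port, cport, PSH | ACK, resp), (c, s, cport, port, FIN | ACK, 0)]


# Constructed capture: a port scan, an SMB host sweep, two web sessions and the
# server answering them. Labels (assumed): 1 = malicious source, 0 = healthy.
SCAN = [("10.0.0.5", "10.0.0.20", 40000 + i, port, SYN, 0)
        for i, port in enumerate((21, 22, 23, 25, 80, 110, 143, 443, 3306, 8080))]
SWEEP = [("10.0.0.6", "10.0.0.%d" % h, 41000 + h, 445, SYN, 0) for h in range(30, 38)]
CAPTURE = build_pcap(SCAN + SWEEP + session("10.0.0.7", 443, 51000, 300, 1200)
                     + session("10.0.0.8", 80, 51001, 400, 800))
LABELS = {"10.0.0.5": 1, "10.0.0.6": 1, "10.0.0.7": 0, "10.0.0.8": 0, "10.0.0.20": 0}


def run(capture=CAPTURE, labels=LABELS, threshold=0.5):
    """Train on the labelled capture and return {src: (score, verdict)}."""
    feats = extract_features(parse_pcap(capture))
    srcs = sorted(feats)
    w, b = train_neuron([feats[s] for s in srcs], [labels[s] for s in srcs])
    return {s: (round(neuron(feats[s], w, b), 3),
                "malicious" if neuron(feats[s], w, b) >= threshold else "healthy")
            for s in srcs}
```

Calling `run()` trains on the constructed capture and returns a verdict per source host; the scanner and the sweeper score near 1, the two clients and the server near 0. Note that training and scoring on the same capture, as done here for brevity, says nothing about generalisation: a real engine must be evaluated on traffic it was not trained on, and the per-source key used here would be defeated by an attacker spreading a scan across many source addresses.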


DOI: https://doi.org/10.1007/978-3-319-70010-6_69
