Network Threat Detection and Modelling
Mahendra V¹, Manjunatha G S², Nagaraja G S³, Shushrutha K S⁴
¹ Mahendra V, BE Student, Department of Computer Science and Engineering, RV College of Engineering, Bengaluru (Karnataka), India.
² Manjunatha G S, BE Student, Department of Electronics and Communication Engineering, RV College of Engineering, Bengaluru (Karnataka), India.
³ Dr. Nagaraja G S, Professor and Associate Dean, Department of Computer Science and Engineering, RV College of Engineering, Bengaluru (Karnataka), India.
⁴ Dr. Shushrutha K S, Associate Professor, Department of Electronics and Communication and Engineering, RV College of Engineering, Bengaluru (Karnataka), India.
Manuscript received on 01 June 2024 | Revised Manuscript received on 21 October 2024 | Manuscript Accepted on 15 November 2024 | Manuscript published on 30 November 2024 | PP: 16-19 | Volume-12 Issue-12, November 2024 | Retrieval Number: 100.1/ijese.H96290712823 | DOI: 10.35940/ijese.H9629.12121124
© The Authors. Blue Eyes Intelligence Engineering and Sciences Publication (BEIESP). This is an open access article under the CC-BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/)
Abstract: Network threat detection and modelling are critical aspects of network security in an organization, since the many devices connecting to the internet can be vulnerable. Network attacks are unauthorized actions on the digital assets within an organizational network. Malicious parties usually execute network attacks to alter, destroy, or steal private data. Perpetrators of network attacks tend to target network perimeters to gain access to internal systems. In this project, the incoming and outgoing network traffic from the several devices in an organization is analyzed, and their security is determined and made easy to visualize so that the security analyst can take the necessary action. First, network-traffic-related information is collected from the assets or endpoints in an organization that are exposed to the external world. These assets hold data related to the external world in the form of IP addresses, which indicate the domains or traffic they connect to or accept. These IP addresses are processed to obtain the actual location and domain, which are used to visualize the geographical location of incoming and outgoing traffic. Some data, such as port numbers, are also collected to determine whether the protocols used by the assets are secure. Vulnerable port numbers are displayed in the user interface so that the security analyst can take the necessary action. For threat detection in this project, some standard compliance benchmarks, such as the CIS (Center for Internet Security) benchmarks, are used to determine the network vulnerabilities in the assets that attackers can easily exploit, and the firewall configurations and other network configurations are verified against these standards. Any required check or compliance item that fails is indicated as a threat in the UI so that the security analyst can take the necessary action on the particular asset that has a security breach or is vulnerable.
Keywords: Center for Internet Security, Internet Protocol.
Scope of the Article: Network Modelling and Simulation