An efficient eavesdropping model for detection of advanced persistent threat (APT) in high volume network traffic.

Authors: Veena, R. C., Brahmananda, S. H.
Source: Multimedia Tools & Applications; Mar2024, Vol. 83 Issue 11, p32123-32139, 17p
Abstract: Eavesdropping, commonly referred to as network analysis, is the process of gathering data traffic. To check if attackers are sneaking into a network, a thorough examination is essential. The risk of APT has considerably increased as a result of the rapid expansion of internet use and linked gadgets. The goal of this research is to develop an eavesdropping model. To train the developed system, the publicly available dataset having a range of simulated breaches in a military-grade network environment is used. The model can examine, decode, and display malicious data packets from commonly used protocols. The objective is to determine whether a threat might be present in the network. Before the firewall, a program keeps track of data transfer over a network. The detection model's use of historical learning of publicly accessible threat patterns is what makes this study novel. Among the features are a reliable model for APT detection, an intuitive user interface, and statistical capabilities to analyze. With an accuracy of 99.99% and a detection time of 0.2 seconds, Random Forest provided the greatest classification performance. The acquired accuracy is higher than the 98.85% accuracy that was previously published. [ABSTRACT FROM AUTHOR]
Database: Complementary Index