Analyzing and Detecting Network Intrusion Behavior Using Packet Capture

Conference paper. In: Advances in Visual Informatics (IVIC 2017)

Part of the book series: Lecture Notes in Computer Science (LNIP, volume 10645)

Abstract

Network intrusion is one of the serious computer network security issues faced by almost all organizations and industries around the world. A major problem is that companies still have poor security practices for keeping their networks in good condition. Unfortunately, management often takes the simplest route by placing heavy responsibilities on the network administrator rather than bearing the high cost of a proper computer security setup. This paper describes a preliminary study that proposes a technique for analyzing network intrusion using packet capture integrated with a Network Intrusion Behavior Analysis Engine. The technique analyzes whether a network flow is healthy or malicious. The study consists of several components for implementing an effective and efficient network analysis mechanism. An artificial neural network is selected as the main method for the behavior analysis engine. The analysis results are then illustrated using an enhanced visualization method that gives network administrators more knowledge and understanding, so that they can monitor network traffic effectively.

Author information

Corresponding author: Zahidan Zabri

Copyright information

© 2017 Springer International Publishing AG

Cite this paper

Zabri, Z., Nohuddin, P.N.E. (2017). Analyzing and Detecting Network Intrusion Behavior Using Packet Capture. In: Badioze Zaman, H., et al. Advances in Visual Informatics. IVIC 2017. Lecture Notes in Computer Science, vol 10645. Springer, Cham. https://doi.org/10.1007/978-3-319-70010-6_69

  • DOI: https://doi.org/10.1007/978-3-319-70010-6_69

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-70009-0

  • Online ISBN: 978-3-319-70010-6

  • eBook Packages: Computer Science, Computer Science (R0)
