Packet Analyser to Detect and Prevent Malicious Traffic
Lim, Cheng Yi (2024) Packet Analyser to Detect and Prevent Malicious Traffic. Final Year Project (Bachelor), Tunku Abdul Rahman University of Management and Technology.

Full text: RIS_Lim Cheng Yi_Fulltext.pdf (1MB). Restricted to registered users only.

Abstract

In this final year project, research on different kinds of cyberattacks and their attack patterns was carried out in order to develop a system capable of detecting them, as cyberattacks have become increasingly common in recent times. The scope of this project includes detecting Denial-of-Service (DoS) and code injection attacks. The developed system consists of several modules, including the Sniffer module, the Read File module, and the Detector module. The Sniffer module and the Read File module integrate the Detector module in order to detect attacks in live network traffic and in packet capture files. To determine whether there is a DoS attack, the Detector module uses a rate-based detection algorithm that checks the number of specific packets transmitted. To detect an injection attack, the Detector module uses a pattern-matching algorithm that checks for specific keywords in an HTTP payload. This module plays an important role in fulfilling the purpose of the project. The project was developed following the System Development Life Cycle (SDLC), going through the phases of analysis, system design, implementation and testing. The final system went through several iterations to ensure that it complies with the functional requirements. The core functions of the system were tested by feeding malicious network traffic into the system and checking its response, to ensure that the system performs as expected. The main strength of the system is that it is simple yet multifunctional, as it can be used as either a packet sniffing tool or a detection tool. The main weakness of the system is that it lacks a comprehensive detection algorithm, which could be further improved with a machine learning approach.

Item Type: Final Year Project
Subjects: Science > Computer Science > Computer security. Data security
Technology > Technology (General) > Information technology. Information systems
Faculties: Faculty of Computing and Information Technology > Bachelor of Information Technology (Honours) in Information Security
Depositing User: Library Staff
Date Deposited: 12 Aug 2024 08:22
Last Modified: 12 Aug 2024 08:22
URI: https://eprints.tarc.edu.my/id/eprint/29735