Identifying the Origin of Cyber Attacks Using Machine Learning and Network Traffic Analysis
In this paper, PCAP refers to Packet Capture, Network Intrusion Detection Systems refers to NIDS, Artificial Intelligence refers to AI, machine learning refers to ML, Computer Vision refers to CV, and Natural Language Processing refers to NLP. While the development of the internet promotes global pr...
Main Author: | |
---|---|
Format: | Article |
Language: | English |
Published: | EDP Sciences 2025-01-01 |
Series: | ITM Web of Conferences |
Online Access: | https://www.itm-conferences.org/articles/itmconf/pdf/2025/01/itmconf_dai2024_01021.pdf |
_version_ | 1825206550480814080 |
---|---|
author | Du Tianqing |
collection | DOAJ |
description | In this paper, PCAP refers to Packet Capture, Network Intrusion Detection Systems refers to NIDS, Artificial Intelligence refers to AI, machine learning refers to ML, Computer Vision refers to CV, and Natural Language Processing refers to NLP. While the development of the internet promotes global progress, it also brings various cyber-attacks, such as phishing, junk emails, and keylogging. To ensure a clean internet environment, it is essential to identify the origin of cyber-attacks for effective defense and mitigation. This paper introduces an effective method of internet protection—machine learning. A common technique in the modern world, machine learning offers significant insights into locating the IP address and data origin. The focus of this paper is on how supervised machine learning is used to determine the data origin. The Random Forest Classifier is the key model analyzing network traffic data to predict the origin of cyber-attacks. By converting IP addresses, packet lengths, and protocol types into numerical features from PCAP files, this study applies machine learning techniques to classify attack behaviors. Additionally, an experiment testing the model’s effectiveness is designed to prove its efficiency and ensure the model’s precision. |
format | Article |
id | doaj-art-2de6738c8621469086a96bf813f14dd5 |
institution | Kabale University |
issn | 2271-2097 |
language | English |
publishDate | 2025-01-01 |
publisher | EDP Sciences |
record_format | Article |
series | ITM Web of Conferences |
spelling | doaj-art-2de6738c8621469086a96bf813f14dd52025-02-07T08:21:10ZengEDP SciencesITM Web of Conferences2271-20972025-01-01700102110.1051/itmconf/20257001021itmconf_dai2024_01021Identifying the Origin of Cyber Attacks Using Machine Learning and Network Traffic AnalysisDu Tianqing0Teda International School No. 72In this paper, PCAP refers to Packet Capture, Network Intrusion Detection Systems refers to NIDS, Artificial Intelligence refers to AI, machine learning refers to ML, Computer Vision refers to CV, and Natural Language Processing refers to NLP. While the development of the internet promotes global progress, it also brings various cyber-attacks, such as phishing, junk emails, and keylogging. To ensure a clean internet environment, it is essential to identify the origin of cyber-attacks for effective defense and mitigation. This paper introduces an effective method of internet protection—machine learning. A common technique in the modern world, machine learning offers significant insights into locating the IP address and data origin. The focus of this paper is on how supervised machine learning is used to determine the data origin. The Random Forest Classifier is the key model analyzing network traffic data to predict the origin of cyber-attacks. By converting IP addresses, packet lengths, and protocol types into numerical features from PCAP files, this study applies machine learning techniques to classify attack behaviors. Additionally, an experiment testing the model’s effectiveness is designed to prove its efficiency and ensure the model’s precision.https://www.itm-conferences.org/articles/itmconf/pdf/2025/01/itmconf_dai2024_01021.pdf |
title | Identifying the Origin of Cyber Attacks Using Machine Learning and Network Traffic Analysis |
url | https://www.itm-conferences.org/articles/itmconf/pdf/2025/01/itmconf_dai2024_01021.pdf |