A study on Automated Cyberattacks Detection and Visualization
F. Alhaidari, Rawan Mushref Tammas, Dana Saeed Alghamdi, Reem Aied Alrashedi, Nora Adnan Althani, S. Alsaidan, Malak Alfosail, Rachid Zagrouba, Hussain Alattas
2022 14th International Conference on Computational Intelligence and Communication Networks (CICN), published 2022-12-04
DOI: 10.1109/CICN56167.2022.10008351 (https://doi.org/10.1109/CICN56167.2022.10008351)
Citations: 0
Abstract
As technology evolves, cyberattacks are increasing rapidly, so companies and organizations are obliged to implement strong security measures to prevent, mitigate, and respond to them. When an organization suffers a cyberattack, it should go through a post-incident forensic analysis phase. This phase is a significant part of the investigation because it reveals how the attack was carried out and where the exploited vulnerability lay, allowing the security team to patch it and learn how to defend against future attacks. For that reason, this paper discusses passive analysis of network traffic and reviews current network traffic analysis tools and techniques, summarizing, analyzing, and comparing them against pre-defined criteria in order to identify a gap in the literature and address it. The gap found is that no single tool suffices for all purposes of passive network traffic analysis, in terms of both detecting the presence of attacks and visualizing the traffic flow.
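The abstract names the two jobs a passive network analysis tool has to do in a post-incident investigation: detect the presence of an attack and give the analyst a view of the traffic flow. The Python below is an added example written for this page, not code from the paper or from any of the tools it surveys. It reconstructs unidirectional 5-tuple flows from an already-captured packet stream (passive: nothing is sent), applies a SYN-sweep heuristic to those flows, and produces the per-flow rows a visualizer would plot. The `Packet` records, the hosts 10.0.0.5, 10.0.0.7 and 192.168.1.10, the port range and the thresholds are all constructed for the example; a real run would feed it packets decoded from a pcap with a library such as dpkt or scapy.

```python
# Added example: passive flow reconstruction and a SYN-sweep heuristic over an
# offline packet stream. Illustrative code for this page, not the paper's tooling.
# All packet records below are constructed by hand.
from collections import defaultdict
from dataclasses import dataclass, field


@dataclass(frozen=True)
class Packet:
    ts: float      # capture timestamp in seconds
    src: str
    dst: str
    sport: int
    dport: int
    proto: str     # "tcp" or "udp"
    flags: str     # TCP flag letters such as "S", "SA", "PA"; "" for UDP
    length: int    # bytes on the wire


@dataclass
class Flow:
    packets: int = 0
    bytes: int = 0
    first: float = 0.0
    last: float = 0.0
    flags: set = field(default_factory=set)   # union of TCP flags seen in this direction


def aggregate_flows(packets):
    """Group packets into unidirectional flows keyed by (src, dst, sport, dport, proto)."""
    flows = {}
    for p in sorted(packets, key=lambda p: p.ts):
        key = (p.src, p.dst, p.sport, p.dport, p.proto)
        f = flows.get(key)
        if f is None:
            f = flows[key] = Flow(first=p.ts, last=p.ts)
        f.packets += 1
        f.bytes += p.length
        f.last = p.ts
        f.flags.update(p.flags)
    return flows


def detect_port_scans(flows, min_ports=10, window=5.0):
    """Flag (src, dst) pairs whose SYN-only flows touch >= min_ports distinct TCP
    ports inside any `window`-second span. A flow that never progressed past the
    client's SYN is what a SYN/connect sweep looks like from the passive side;
    a real session carries A/PA in the same direction and is never SYN-only."""
    probes = defaultdict(list)   # (src, dst) -> [(first_ts, dport), ...]
    for (src, dst, _sport, dport, proto), f in flows.items():
        if proto == "tcp" and f.flags == {"S"}:
            probes[(src, dst)].append((f.first, dport))
    alerts = []
    for (src, dst), lst in probes.items():
        lst.sort()
        best, i = 0, 0
        for j in range(len(lst)):          # sliding window over probe start times
            while lst[j][0] - lst[i][0] > window:
                i += 1
            best = max(best, len({dport for _, dport in lst[i:j + 1]}))
        if best >= min_ports:
            alerts.append((src, dst, best))
    return alerts


def flow_table(flows):
    """Rows a flow visualizer would plot, largest flows first."""
    rows = []
    for (src, dst, sport, dport, proto), f in flows.items():
        rows.append({"src": src, "dst": dst, "sport": sport, "dport": dport,
                     "proto": proto, "packets": f.packets, "bytes": f.bytes,
                     "duration": round(f.last - f.first, 3),
                     "flags": "".join(sorted(f.flags))})
    rows.sort(key=lambda r: (-r["bytes"], r["src"], r["dport"]))
    return rows


def sample_capture():
    """Constructed capture: one ordinary HTTPS session plus a 15-port SYN sweep
    that the server answers with RST/ACK (closed ports)."""
    pk = [Packet(1.000, "10.0.0.7", "192.168.1.10", 51000, 443, "tcp", "S", 60),
          Packet(1.010, "192.168.1.10", "10.0.0.7", 443, 51000, "tcp", "SA", 60),
          Packet(1.011, "10.0.0.7", "192.168.1.10", 51000, 443, "tcp", "A", 52),
          Packet(1.050, "10.0.0.7", "192.168.1.10", 51000, 443, "tcp", "PA", 517),
          Packet(1.080, "192.168.1.10", "10.0.0.7", 443, 51000, "tcp", "PA", 1460)]
    for i, port in enumerate(range(20, 35)):   # one probe every 0.1 s from a fresh source port
        t = 2.0 + 0.1 * i
        pk.append(Packet(t, "10.0.0.5", "192.168.1.10", 40000 + i, port, "tcp", "S", 60))
        pk.append(Packet(t + 0.002, "192.168.1.10", "10.0.0.5", port, 40000 + i, "tcp", "RA", 54))
    return pk


if __name__ == "__main__":
    flows = aggregate_flows(sample_capture())
    print("flows:", len(flows))
    print("scan alerts:", detect_port_scans(flows))
    for row in flow_table(flows)[:3]:
        print(row)
```

The heuristic deliberately keys on the client direction only: the server's RST/ACK replies form separate reverse flows and do not affect the `{"S"}` test, so the same code flags a sweep whether the probed ports are open, closed or filtered. Tune `min_ports` and `window` against baseline traffic before relying on it; a load balancer health-checker can look like a slow sweep.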