Papers by SUDHANSHU SEKHAR TRIPATHY

Industrial Engineering Journal, 2024
The increasing reliance on inter-organizational information exchange has raised significant concerns about the security of data and network infrastructures. Network monitoring plays a crucial role in mitigating these concerns, with tools like Wireshark and Snort forming the backbone of Intrusion Detection Systems (IDS). Initially developed as a packet inspection application, Wireshark is widely regarded for its user-friendly interface and intuitive packet-enhancement features, making it effective for classifying various types of network traffic. This research explores the practical application of Wireshark for network investigation, evaluating its role in conjunction with Snort to enhance IDS capabilities. The study examines potential improvements in these tools for heightened network security and their adaptability to emerging cyber threats. An experiment was conducted to assess the effectiveness of intrusion detection through real-time packet analysis, demonstrating the reliability of intrusive packet authentication within network environments. Wireshark was employed for real-time traffic inspection, capturing and analyzing packets, while Snort was used as the primary tool for detecting intrusions. The integration of Syslog and Snort facilitates the exchange of critical intrusion-related data, including packet counts, analysis of IPv4 packet conversations, and expert data on suspicious traffic. This study also focuses on the analysis of RSA-encrypted traffic and the evaluation of Local Area Networks (LAN) for signs of intrusion. Further, Wireshark's capabilities in monitoring and analyzing network activity were used to inspect TCP flags, generate I/O graphs for transmitted packet data, and produce TCP stream flow graphs for detecting intrusions. Additionally, the study includes TLS handshake analysis to identify abnormal or malicious network behavior.
The use of ping requests from the attacker’s IP address to the victim’s IP address is highlighted as a method for detecting ongoing malicious activity. Through packet analysis, network traffic is classified as either malformed or well-formed, aiding in the identification of security breaches. Wireshark's in-depth packet inspection enables the detection of unauthorized access from both secure and insecure devices. This research not only explores Wireshark's utility in network intrusion detection but also evaluates emerging trends and challenges associated with IDS technologies. The findings contribute valuable insights for advancing future IDS research, particularly in adapting to the evolving landscape of network security threats. This technical evaluation highlights the importance of continuous development in tools like Wireshark and Snort to keep pace with the dynamic nature of cyberattacks, ensuring robust defense mechanisms for secure data transmission and network integrity.

International Journal of Science and Research Archive, 2024
Since the 1990s, the integration of technology into daily life has led to the creation of an extensive network of interconnected devices, transforming how individuals and organizations operate. However, this digital transformation has also spurred the rise of cybercrime, criminal activities perpetrated through networks or computer systems. Cybercrime has become a global concern, presenting significant challenges to security systems. Although advancements in digital technology have enhanced efficiency, they have also opened new avenues for exploitation by cybercriminals, highlighting the urgent need for advanced cybersecurity measures. The escalating number of cyberattacks and associated risks in the past decade highlights the critical importance of protecting sensitive data and safeguarding information systems. Cybercrimes range from financial fraud and phishing scams to identity theft and online harassment, posing substantial risks to both individuals and organizations. In response, governments, law enforcement agencies, and cybersecurity units have intensified their efforts to address these threats. In recent years, India has experienced a significant surge in cybercrime incidents, with a notable increase in cases involving ransomware, data breaches, and social engineering attacks. The growing penetration of internet services, the expansion of e-commerce, and the rapid adoption of digital payment systems have made individuals and organizations more vulnerable to cyber threats. Key areas affected include banking, healthcare, and government sectors, which are frequently targeted due to the sensitive nature of the data they handle. To combat these risks, there is an increasing focus on public awareness, cybersecurity education, and robust regulatory frameworks.
This paper provides an in-depth analysis of cybercrime, with a focus on developing innovative prevention strategies, strengthening internal security protocols, and classifying key cybercrime terminologies to better understand their implications for digital infrastructure.

International Journal of Intelligent Systems and Applications in Engineering, 2024
IDS aims to protect computer networks from security threats by detecting, notifying, and taking appropriate action to prevent illegal access and protect confidential information. As the globe becomes increasingly dependent on technology and automated processes, ensuring secured systems, applications, and networks has become one of the most significant problems of this era. The global web and digital technology have significantly accelerated the evolution of the modern world, necessitating the use of telecommunications and data transfer platforms. Researchers are enhancing the effectiveness of IDS by incorporating popular datasets into machine learning algorithms. IDS, equipped with machine learning classifiers, enhances security attack detection accuracy by identifying normal or abnormal network traffic. This paper explores the methods of capturing and reviewing intrusion detection systems (IDS) and evaluates the challenges existing datasets face. A deluge of research on machine learning (ML) and deep learning (DL) architecture-based intrusion detection techniques has been conducted in the past ten years on a variety of cyber security-based datasets, including KDDCUP'99, NSL-KDD, UNSW-NB15, CICIDS-2017, and CSE-CIC-IDS2018. We conducted a literature review and presented an in-depth analysis of various intrusion detection methods that use SVM, KNN, DT, LR, NB, RF, XGBOOST, Adaboost, and ANN. We have given an overview of each technique, explaining the function of the classifier mentioned above and all other algorithms used in the research. Additionally, a comprehensive analysis of each method has been provided in tabular form, emphasizing the dataset utilized, classifiers employed, assaults detected, an accurate evaluation matrix, and conclusions drawn from every technique investigated.
This article provides a comprehensive overview of recent research on developing a reliable IDS using five distinct datasets for future research. This investigation was carefully analyzed and contrasted with the findings from numerous investigations.

Journal of Biomechanical Science and Engineering, 2023
The escalation of hazards to safety and hijacking of digital networks are among the strongest perilous difficulties that must be addressed in the present day. Numerous safety procedures were set up to track and recognize any illicit activity on the network's infrastructure. IDS are the best way to resist and recognize intrusions on internet connections and digital technologies. To classify network traffic as normal or anomalous, Machine Learning (ML) classifiers are increasingly utilized. An IDS with machine learning increases the accuracy with which security attacks are detected. This paper focuses on intrusion detection systems (IDSs) analysis using ML techniques. IDSs utilizing ML techniques are efficient and precise at identifying network assaults. In data with large dimensional spaces, however, the efficacy of these systems degrades. Accordingly, it is essential to execute a feasible feature removal technique capable of getting rid of characteristics that have little effect on the classification process. In this paper, we analyze the KDD CUP-'99' intrusion detection dataset used for training and validating ML models. Then, we implement ML classifiers such as "Logistic Regression, Decision Tree, K-Nearest Neighbour, Naïve Bayes, Bernoulli Naïve Bayes, Multinomial Naïve Bayes, XG-Boost Classifier, Ada-Boost, Random Forest, SVM, Rocchio classifier, Ridge, Passive-Aggressive classifier, ANN besides Perceptron (PPN), the optimal classifiers are determined by comparing the results of Stochastic Gradient Descent and backpropagation neural networks for IDS". Conventional categorization indicators, such as "accuracy, precision, recall, and the f1-measure", have been used to evaluate the performance of the ML classification algorithms.