The latest articles on DEV Community by Mohammed Alaiady (@malaiady). https://dev.to/malaiady https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F1277089%2F05999bed-28a6-477d-9d58-eb28c4f68299.jpeg https://dev.to/malaiady en Mohammed Alaiady Fri, 09 Feb 2024 18:31:19 +0000 https://dev.to/malaiady/network-anomaly-detection-tool-40o5 https://dev.to/malaiady/network-anomaly-detection-tool-40o5 <h2> Table of Contents </h2> <ul> <li>Overview</li> <li>Features</li> <li>Installation</li> <li>Usage</li> </ul> <h2> Overview </h2> <p>This tool is designed for detecting abnormal behaviors in network traffic using the unsupervised Isolation Forest algorithm. It intercepts network packets in real-time, analyzes them, and identifies suspicious activities that deviate from normal patterns.</p> <h3> ScreenShot </h3> <p><a href="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fraw.githubusercontent.com%2Fm-alaiady%2FAbnormality-Detection-System-for-Network-Traffic%2Fmain%2Fimg%2Fimg-2.png" class="article-body-image-wrapper"><img src="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fraw.githubusercontent.com%2Fm-alaiady%2FAbnormality-Detection-System-for-Network-Traffic%2Fmain%2Fimg%2Fimg-2.png" alt="Screenshot"></a></p> <h2> Features </h2> <ul> <li>Real-time packet interception and analysis</li> <li>Detection of abnormal network behaviors</li> <li>User-friendly interface for visualization of intercepted packets</li> <li>Configurable parameters for fine-tuning the detection algorithm</li> </ul> <h2> Installation </h2> <ul> <li>Clone the repository: </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>git clone https://github.com/m-alaiady/Abnormality-Detection-System-for-Network-Traffic.git </code></pre> </div> <ul> <li>Navigate to the project directory </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="nb">cd </span>Abnormality-Detection-System-for-Network-Traffic/ </code></pre> </div> <ul> <li>Install the required dependencies: </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>pip3 <span class="nb">install</span> <span class="nt">-r</span> requirements.txt </code></pre> </div> <h2> Usage </h2> <p>Run the following command:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="n">sudo</span> <span class="n">python3</span> <span class="n">main</span><span class="p">.</span><span class="n">py</span> </code></pre> </div> <p><em>Important: you need to modify the <code>interface</code> variable which in located directly after the main function</em></p> <ul> <li>Adjust the <code>contamination</code> parameter in the IsolationForest initialisation to control the sensitivity of the anomaly detection algorithm. Monitor the console output for intercepted packets and their analysis results.</li> </ul> <p>Visit <a href="https://github.com/m-alaiady/Abnormality-Detection-System-for-Network-Traffic" rel="noopener noreferrer">GitHub Repository</a> for more details.</p>