Mohammed Alaiady

Network Anomaly Detection Tool

Overview

This tool detects abnormal behavior in network traffic using the unsupervised Isolation Forest algorithm. It intercepts network packets in real time, analyzes them, and identifies suspicious activity that deviates from normal patterns.

Features

  • Real-time packet interception and analysis
  • Detection of abnormal network behaviors
  • User-friendly interface for visualization of intercepted packets
  • Configurable parameters for fine-tuning the detection algorithm

Installation

  • Clone the repository:
git clone https://github.com/m-alaiady/Abnormality-Detection-System-for-Network-Traffic.git
  • Navigate to the project directory
cd Abnormality-Detection-System-for-Network-Traffic/
  • Install the required dependencies:
pip3 install -r requirements.txt

Usage

Run the following command:

sudo python3 main.py

Important: you need to modify the interface variable, which is located directly after the main function.

  • Adjust the contamination parameter in the IsolationForest initialisation to control the sensitivity of the anomaly detection algorithm. Monitor the console output for intercepted packets and their analysis results.
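
To see what the contamination setting changes, here is an added example (not code from the tool's repository) that fits scikit-learn's IsolationForest on constructed packet data and compares several contamination values. The feature columns, sample values and helper names are assumptions made for illustration.

```python
import numpy as np
from sklearn.ensemble import IsolationForest

# Constructed per-packet features (an assumption, not the tool's real feature set):
# [frame length in bytes, destination port, seconds since previous packet]
rng = np.random.default_rng(7)
N_NORMAL = 1000
normal = np.column_stack([
    rng.normal(600, 150, N_NORMAL).clip(60, 1500),
    rng.choice([80, 443, 53], N_NORMAL, p=[0.3, 0.6, 0.1]),
    rng.exponential(0.05, N_NORMAL),
])
# Three constructed outliers: oversized frames to an unusual port after long gaps.
odd = np.array([[9000, 50211, 4.0], [8800, 50212, 5.5], [9500, 50213, 6.0]])
traffic = np.vstack([normal, odd])  # outliers are rows 1000..1002


def flagged_rows(data, contamination):
    """Fit on the capture itself (unsupervised); return row indices labelled -1."""
    model = IsolationForest(n_estimators=200, contamination=contamination,
                            random_state=0)
    return np.flatnonzero(model.fit_predict(data) == -1)


def summarize(data, contamination, n_normal=N_NORMAL):
    """Count caught outliers and the benign rows flagged alongside them."""
    rows = flagged_rows(data, contamination)
    return {"flagged": len(rows),
            "outliers_caught": int((rows >= n_normal).sum()),
            "benign_flagged": int((rows < n_normal).sum())}


if __name__ == "__main__":
    for c in (0.01, 0.05, 0.10):
        print(c, summarize(traffic, c))
```

Contamination only moves the score threshold: the three outliers are caught at every setting, while higher values flag more ordinary packets that an analyst then has to triage.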

Visit GitHub Repository for more details.
