A Machine Learning-Based Packet Sniffer for Secure Traffic Monitoring and Analysis in Computer Networks

Abstract

The proposed research study is a machine learning-based packet sniffer for secure and efficient traffic monitoring and analysis in computer networks. The overall purpose is to capture packets over the network, and then eventually unpack data to make sense out of it. Such aspects of data captured from the Ethernet frame include Ipv4 packet, ICMP packet, TCP Segment and flags. With this data, we will be able to capture and write it on a file. Internet Protocol version 4 (IPv4) is the fourth version of the Internet Protocol (IP). It is one of the core protocols of standards-based internet working methods in the Internet and other packet-switched networks. The Internet Protocol is the protocol that defines and enables internetworking at the internet layer of the Internet Protocol Suite. In essence, it forms the Internet. It uses a logical addressing system and performs routing, which is the forwarding of packets from a source host to the next router that is one hop closer to the intended destination host on another network. The Internet Engineering Task Force (IETF) and IANA have restricted from general use various reserved IP addresses for special purposes. Notably these addresses are used for multicast traffic and to provide addressing space for unrestricted uses on private networks. The Internet Control Message Protocol (ICMP) is a supporting protocol in the Internet protocol suite. It is used by network devices, including routers, to send error messages and operational information indicating success or failure when communicating with another IP address. The ICMP packet is encapsulated in an IPv4 packet. The packet consists of header and data sections. A TCP segment consists of data bytes to be sent and a header that is added to the data by TCP. With this invention of transferring data over and through the internet, there is a major problem of ineffectiveness of traditional network security measures in addressing the ever changing landscape of cyber threats targeting the utilization of networks in data transfer. Conventional security measures such as firewalls, intrusion detection systems, and antivirus software provide essential layers of defense but often fail to detect and prevent sophisticated attacks that bypass these defenses. The study is expected to establish a tool called packet sniffer that will aid in efficient and secure monitoring of the network traffic. The problem at hand is the limited effectiveness of traditional network security measures in addressing the evolving landscape of cyber threats. Traditional network security measures often fall short in effectively detecting and mitigating these threats, highlighting the need for advanced approaches to enhance network security. The objective of this study is to design a machine learning based Packet sniffing model that can automate the detection and classification of network attacks, then develop an efficient packet sniffer machine learning-based algorithm using the designed model and finally to validate the effectiveness and efficiency of the machine learning-based packet sniffer through extensive experimentation and comparative studies with existing solutions. The study will also seek to inform policy makers and stakeholders in the Information Technology (IT) field on the effectiveness of the solution and will also serve as a guide for putting in place policies to govern utilization of networks as a necessity in the day-to-day operations. The methodology that will be used is a mixed method design that is study survey, design science research and experimental research.