Malicious Traffic Detection System using Publicly Available Blacklist’s

Abstract

In this fastest growing technology with the increase in internet usage, the communication became much faster and easier which resulted in the massive growth in digitalization. With this the cyber crimes were increasing day-by-day . They employ every possible technique and trick to make the users as zombies for their malicious activities or Crypto mining. In recent years we are facing issues with ransomware’ which result in the loss of data integrity and confidentiality along with our privacy and anonymity. The malware’ can spread all over the network within no time. Using anti virus programs alone for safeguarding our network is a bad practice because they filter the traffic on signature based. Here problem is if the user is not up to date with the definitions from the AV provider, then he will be prone to the attack. In this model a system to track malicious trails in a network is done. This employs online malware detection system (Virus Total) and open source dynamic black lists which contain malware or suspicious programs along with some static pre compiled blacklists from different antivirus providers and our own definitions of block to filter the traffic which gives the detailed log report on the suspicious trails, this is from domain name or IP address or malicious scripts in the webpage.