Network security is a critical concern in today’s digital world, requiring efficient methods for the automatic detection and analysis of cyber attacks. This study uses the Kitsune Network Attack Dataset to explore network traffic behavior for IoT devices under various attack scenarios, including ARP MitM, SYN DoS, and Mirai Botnet. Utilizing Python-based data analysis tools, we preprocess and analyze millions of network packets to uncover patterns indicative of malicious activities. The study employs packet-level time-series analysis to visualize traffic patterns and detect anomalies specific to each attack type. Key findings include high packet volumes in attacks such as SSDP Flood and Mirai Botnet, with the Mirai Botnet attack involving multiple IP addresses and lasting over 2 hours. Notable attack-specific behaviors include high traffic on port -1 and targeted traffic on specific ports like 53195. The SYN DoS and Mirai Botnet attacks are characterized by their prolonged durations, suggesting significant disruption. Overall, the study highlights distinctive attack patterns and underscores the importance of understanding these characteristics to enhance detection and response mechanisms.
Read full abstract