Sniffing Detection Based on Network Traffic Probing and Machine Learning
Cyber attacks are on the rise and each day cyber criminals are developing more and more sophisticated methods to compromise the security of their targets. Sniffing is one of the most important techniques that enables the attacker to collect information on the vulnerabilities of the devices, protocol...
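Main Authors: | Marcin Gregorczyk, Piotr Zorawski, Piotr Nowakowski, Krzysztof Cabaj, Wojciech Mazurczyk |
---|---|
Format: | Article |
Language: | English |
Published: | IEEE 2020-01-01 |
Series: | IEEE Access |
Subjects: | AI, artificial intelligence, ML, machine learning, network security, sniffing |
Online Access: | https://ieeexplore.ieee.org/document/9165714/ |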
id | doaj-eb952cf88d8b4041955e59d71cc14695 |
---|---|
record_format | Article |
spelling | doaj-eb952cf88d8b4041955e59d71cc14695; 2021-03-30T03:25:23Z; eng; IEEE; IEEE Access; 2169-3536; 2020-01-01; 8; 149255; 149269; 10.1109/ACCESS.2020.3016076; 9165714; Sniffing Detection Based on Network Traffic Probing and Machine Learning; Marcin Gregorczyk; 0; https://orcid.org/0000-0002-1108-2780; Piotr Zorawski; 1; https://orcid.org/0000-0002-9874-2162; Piotr Nowakowski; 2; https://orcid.org/0000-0001-8971-0874; Krzysztof Cabaj; 3; https://orcid.org/0000-0002-5955-5890; Wojciech Mazurczyk; 4; https://orcid.org/0000-0002-8509-4127; Institute of Telecommunications, Warsaw University of Technology, Warsaw, Poland; Institute of Telecommunications, Warsaw University of Technology, Warsaw, Poland; Institute of Telecommunications, Warsaw University of Technology, Warsaw, Poland; Institute of Computer Science, Warsaw University of Technology, Warsaw, Poland; Institute of Computer Science, Warsaw University of Technology, Warsaw, Poland; Cyber attacks are on the rise and each day cyber criminals are developing more and more sophisticated methods to compromise the security of their targets. Sniffing is one of the most important techniques that enables the attacker to collect information on the vulnerabilities of the devices, protocols and applications that can be exploited within the targeted network. It relies mainly on passively analyzing the traffic exchanged within the network, and due to its nature, such an activity is difficult to discover. That is why, in this article, we first revisit existing techniques and tools that can be used to perform sniffing as well as the corresponding mitigation methods. Based on this background, we propose a novel measurement-based detection method that infers whether the sniffing software is active on the suspected machine by network traffic probing and machine learning techniques. The presented experimental results prove that the proposed solution is effective.; https://ieeexplore.ieee.org/document/9165714/; AI; artificial intelligence; ML; machine learning; network security; sniffing |
collection | DOAJ |
language | English |
format | Article |
sources | DOAJ |
author | Marcin Gregorczyk Piotr Zorawski Piotr Nowakowski Krzysztof Cabaj Wojciech Mazurczyk |
spellingShingle | Marcin Gregorczyk Piotr Zorawski Piotr Nowakowski Krzysztof Cabaj Wojciech Mazurczyk Sniffing Detection Based on Network Traffic Probing and Machine Learning IEEE Access AI artificial intelligence ML machine learning network security sniffing |
author_facet | Marcin Gregorczyk Piotr Zorawski Piotr Nowakowski Krzysztof Cabaj Wojciech Mazurczyk |
author_sort | Marcin Gregorczyk |
title | Sniffing Detection Based on Network Traffic Probing and Machine Learning |
title_short | Sniffing Detection Based on Network Traffic Probing and Machine Learning |
title_full | Sniffing Detection Based on Network Traffic Probing and Machine Learning |
title_fullStr | Sniffing Detection Based on Network Traffic Probing and Machine Learning |
title_full_unstemmed | Sniffing Detection Based on Network Traffic Probing and Machine Learning |
title_sort | sniffing detection based on network traffic probing and machine learning |
publisher | IEEE |
series | IEEE Access |
issn | 2169-3536 |
publishDate | 2020-01-01 |
description | Cyber attacks are on the rise and each day cyber criminals are developing more and more sophisticated methods to compromise the security of their targets. Sniffing is one of the most important techniques that enables the attacker to collect information on the vulnerabilities of the devices, protocols and applications that can be exploited within the targeted network. It relies mainly on passively analyzing the traffic exchanged within the network, and due to its nature, such an activity is difficult to discover. That is why, in this article, we first revisit existing techniques and tools that can be used to perform sniffing as well as the corresponding mitigation methods. Based on this background, we propose a novel measurement-based detection method that infers whether the sniffing software is active on the suspected machine by network traffic probing and machine learning techniques. The presented experimental results prove that the proposed solution is effective. |
topic | AI artificial intelligence ML machine learning network security sniffing |
url | https://ieeexplore.ieee.org/document/9165714/ |
work_keys_str_mv | AT marcingregorczyk sniffingdetectionbasedonnetworktrafficprobingandmachinelearning AT piotrzorawski sniffingdetectionbasedonnetworktrafficprobingandmachinelearning AT piotrnowakowski sniffingdetectionbasedonnetworktrafficprobingandmachinelearning AT krzysztofcabaj sniffingdetectionbasedonnetworktrafficprobingandmachinelearning AT wojciechmazurczyk sniffingdetectionbasedonnetworktrafficprobingandmachinelearning |
_version_ | 1724183583822708736 |