21 Jun Complete the Project with 2-page Findings and Analysis.
Complete the Project with 2-page Findings and Analysis. To complete this assignment, the following must be observed:
- Adhere to and properly apply the Basic Citation Styles of the APA
- If you use another author's ideas, concepts, and words, you need to cite the source and give credit to the author. Not citing in-text the source will be considered plagiarism
- Use the Sample – APA – Paper provided as a formatting guide to submit your assignment ("Check for grammatical errors").
- References list must be formatted per APA.
4
Project Name and Idea for Network and Security
Student's Name
University Name
Course
Professor's Name
Date
Project Name and Idea for Network and Security
Project name: Network Traffic Analysis
Network traffic analysis is a cybersecurity project performed on the network and security systems. A network traffic analysis project is based on sniffing the packets in each network to monitor each packet passing through the organization's network (Papadogiannaki & Ioannidis, 2021). The project involved integrating different techniques to analyze the social structure of the network and the activities involved. To perform this activity, permission from the respective organization is required as it is performed on the whole network system of the organization to get the cybercriminals who intend to steal the organization's private information.
Monitoring the network to identify the anomalies of every activity that promotes security and the ones that lead to insecurities is essential to every organization. The majority of the sensitive information is transported from the user to the receiver through the network system. When the information is in the network, it is accompanied by many anomalies, especially from hackers trying to get information without authorization. When such happens to an organization, many losses, including financial, resources, reputation, and customers, will be experienced by the organization.
The network traffic analysis (NTA) project creates a real-time solution to detect different types of malware to counter these losses. To effectively perform such a project, two methods are involved, passive and active analysis (Mousavi, Khansari, & Rahmani, 2020). In the passive analysis method, the ones involved with the project track the attacker's features from one side of the network and then use the information to look for vulnerabilities or traces on the other side of the network.
The active traffic analysis is performed on the network's real-time basis, where the packet flow's timing is used. The one penetrating the internet behaves like an attacker and monitors the flow of packets in a specific pattern on either side of the network (Shahid et al., 2018). Determining the flow of packets on either side of the network helps determine the packets' characteristics with the message intended. The packets from cybercriminals will have some anomalies and will be well identified using the NTA security method.
Passive and active traffic analysis methods are used with other analysis tools. Their main aim is to determine the pattern of packets in the network and the noise accompanied by each packet. Recognizing the anomalies in the packet transportation throughout the network with the different variety of noises is one of the best activities for ensuring a secure network in the organization.
The project applies to all the organizations that have implemented a network for sharing information from one user to another. To mention a few, we have military, e-commerce, manufacturing, corporations, educational institutions, government, and non-government organizations, among others. The professionals involved with the NTA can either be internal or external, provided the detection, diagnosis, and resolution of the network issues have been achieved.
Organizations with sensitive information should incorporate these projects to secure the network. This is because it enables them to identify the frequency of communication, lack of activity in the network, who talks with who and when, and the flow of information from one person to another. It is an important activity as it helps in fast determining the cybercrime activities that are very costly to the company.
References
Papadogiannaki, E., & Ioannidis, S. (2021). A survey on encrypted network traffic analysis applications, techniques, and countermeasures. ACM Computing Surveys (CSUR), 54(6), 1-35.
Mousavi, S. H., Khansari, M., & Rahmani, R. (2020). A fully scalable big data framework for botnet detection based on network traffic analysis. Information Sciences, 512, 629-640.
2
Student’s name:
Instructor’s name:
Date due:
Network Traffic Analysis (NTA)
NTA, simply put, implies cybersecurity monitoring the network traffic activities with the specific intentions of identifying anomalies, with major concentration on security/operational issues. Its applications include collection of real-time issues occurring in the network or analyzing previous/historical records from the traffic data packets to sniff out how hackers may attempt to invade a specific network using the various entry points in the network. As the network is continuously being used to either send or receive data packets by the various network users in the organization it needs constant monitoring by a network analyst to help provide real time protection from malware and human attacks (Fletcher et.al 2002). Most sensitive data may be included in the packets and this poses the risk of getting into the wrong hands. If such information was to be accessed by an outside party, the organization may incur losses, including financial loss, reputation decline, resource attacks and bad exposure. In order to effectively make the network foolproof, the network analyst has to be involved in the whole process of layout to functionality of the network.
Should an organization choose active monitoring or passive monitoring for their network performance strategy?
Different organizations incorporate different ways of monitoring their network. The Network traffic Analysis Project makes it possible for the project manager be able to receive the organizations network layout and how data packets get transferred over the network and identify the various vulnerable/weak points that possible attacks may come from. Once the network has been laid and running, different techniques are introduced to help analyze the network and try to cover the routes that may be considered entry points of attack and hence try to cover those routes before an attack is made (Phippen 2004).The network traffic analyst can invoke a real-time solution capable of detecting these anomalies and counter them before escalating their threats. This mode of pre-empting such malicious attacks may be achieved via undertaking two methods, passive and active analysis of a network. With the passive approach, the goal is mainly to predict where an attack may come from. This technique simply means the analyst copies captured traffic on a network, from a mirror port or tapping the network for later use and pre-empting how a hacker may use loopholes in the network to attack the organization, and then effectively coming up with solutions to combat them before they happen.
Active network analysis or synthetic network monitoring, means the analyst performs network tracking real-time for the organization and is tedious as it will require constant snooping by the organization’s network analysts. In this case, the network analyst releases test traffic into the network then observes that packet traffic flowing through the network and not taken from the actual transactions occurring on the network, but simply sent through the network to allow your monitoring solution examine it on its path. The test traffic copies the typical network traffic flowing through your system enabling the organization gain relevant insights on their network. This also allows them gauge the networks performance real-time.
Passive and Active methods both have certain network monitoring solutions tools that can come handy to enhance the analyst’s work suck as SolarWinds Network Performance Monitor, Auvik, ManageEngine among others (Lucas 2010, p76). Therefore, organizations housing sensitive information must incorporate these projects in order to secure their networks as it enables them identify the communication frequency, lack of activity in the network, how and when various members communicate, and also information flow from one person to the next another. It is important to safeguard the security of an organization.
References
Fletcher, Peter & Poon, Alex & Pearce, Ben & Comber, Peter. (2002). Practical Web Traffic Analysis. https://www.waterstones.com/book/practical-web-traffic-analysis/peter-fletcher/alex-poon/9781590592083 .
Phippen, A. (2004). An evaluative methodology for virtual communities using web analytics. Campus-wide Information Systems. https://www.emerald.com/insight/publication/issn/1065-0741/vol/31/iss/5 .
Lucas,M.(2010). Network flow analysis. No Starch Press.
