Statistical Analysis of Network Attacks Based on Passive Traffic Monitoring Through Honeypot

In the domain of network security, many technologies and tools have been used throughout the years to create and test systems of network intrusion detection system and to test the strengthen of computer security system. One of these is the honeypot. A honeypot appears as a normal part of the network but in actual way it is an isolated environment which monitors the malicious activities in a network. The main benefit of the honeypot is to collect the attack data which are not logged and detected by the network intrusion detection system. Nowadays, security system is very important to any organization to protect their data or any information kept in their computer from the intruders to access. Unauthorized user is able to connect to the organization's computers and control it in some form to view or access the files. Many of us know how to use the computer but do not have enough information to secure the computer especially for the system administrators. "A Statistical Analysis of Network Attacks Based on Passive Traffic Monitoring through Honeypot", this is exactly implemented during the course of our research area to get the internal things about honeypots and to collect the attack data. A honeynet based attack data collection framework is designed and presented in this paper. The isolated environment in the form of honeypots is established as a data feed of malicious traffic to statistical analytical algorithms. The distribution and graphical representations of statistical algorithms are presented which help any normal user or system administrators to see the distributions of attack data. The network packet dumps recorded on a honeypot are treated as malicious traffic which is combined with the normal traffic to learn the machine to detect the malicious activities in a network as real time scenarios.