Visualization tool for network forensics analysis using an Intrusion Detection System ( Cyber ViZ )


Project ID: PIT-58

Project Team:

Project Coordinator: Mr. Jayantha Amaraarachchi
Project Supervisor: Mr. Lakmal Rupasinghe

DIT Number        Name
DIT/06/E1/2022    Abeyrathne K.B.
DIT/06/E1/2028    Yaparathna Y.M.P.K.B.
DIT/06/E1/2025    Ilangarathna I.M.
DIT/06/E1/2008    Wadigamangawa A.H.M.S.D.B.
DIT/06/E1/2017    De Silva D.P.H.R.

Our Team Members …


Introduction …


What is network forensics?

Network forensics is used to find evidence of such attacks

Recognize threats through the IDS

Benefits of visualizing network traffic

Provides a better way to collect evidence

Existing Systems and Research


Existing Systems

• Ethereal
• TNV
• VisFlowConnect-IP

Features of our system


Intrusion Detection System

Packet capturing & Extracting methods

Network traffic visualization

Our System


System Overview


Benefits


Simplifies network forensic analysis through less complex visuals.

Integrates an IDS with a network visualization tool to make network forensic analysis more convenient.

Detects, through forensic analysis, network attacks that cannot be detected by a normal IDS.

Platform independence


Technology Requirements


Needs a switched network with the Snort IDS on every host in the network.

Needs a centralized MySQL database (using Wamp Server).

• Jpcap – Windows/Linux
• Libpcap – Linux
• WinPcap – Windows
• Snort – Windows/Linux

Thank You …