Enterprise Network Infrastructure Malicious Activity Analysis

Inter and intra-network connectivity have become a useful resource for accessibility and flexibility of data for different organizations. Online services are increasing day by day, everything is available online, it generates a huge amount of data, that require cyber security revolves for ensuring secure interconnectivity between devices. Because of an exponential increase in internet users and cyber-attacks, the data security and credibility of various organizations is on stake. In the continued development of the threat environment, cyber security experts deal with numerous threats on daily basis. As multiple attacks on computer networks and systems are becoming stronger each day therefore current security tools are often inadequate to resolve issues relating to unauthorized users, reliability, and reliable network security. To maintain a safe environment, Intrusion-Detection Mechanisms (IDS) enabled to control device functions and detect intrusions should typically be used to supplement with other protection strategies; for which conventional security methods are inadequate. Actual users expect their requested information to be processed in real-time, while malicious traffic needs to be mitigated just as quickly as possible. As traffic increases, this problem becomes more complex. This paper contributes a detailed analysis of network packets to find anomaly detection based on the UNSW NB 15 dataset and investigate the the difference between IP packet behavior for both malicious and legitimate packets. Besides we acquaint with new methodologies to illuminate and appraise the network attack in a very proficient way using different machine learning algorithms which will accomplish locating the malicious traffic in the least execution time with precision.