WEST GODAVARI INSTITUTE OF SCIENCE AND ENGINEERING

An ISO 9001:2015 Certified College, ACREDITTED NAAC : B++

(Approved By AICTE New Delhi &Affiliated to JNTU Kakinada) Prakasaraopalem, Tadepalligudem, E.G.Dist,
A.P,INDIA

DESIGN AND IMPLEMENTATION OF A CYBERSECURITY TOOLSET FOR NETWORK

MONITORING AND INTRUSION DETECTION IN PYTHON
Presented by
P.SOWNDARYA (20PD1A0545) K.D.N.V.PRASAD (20PD1A0526)
S.L.M.MADHURI (20PD1A0551) M.A.S.RAGHAVA (20PD1A0535)
E.P.V. KUMAR (20PD1A0520) D.SURENDRA REDDY (20PD1A0519)

Under the guidance of Head Of the Department

• DR.P. AMARAVATHI, M.tech , Ph.D DR.P. AMARAVATHI, M.tech , Ph.D

• HEAD OF THE DEPARTMENT HEAD OF THE DEPARTMENT

Design and
Implementation of a
Cybersecurity Toolset
for Network
Monitoring and
Intrusion Detection in
Python
PRESENTING BY:
P.Sowndarya(20PD1A0545)
K.D.N.V.PRASAD(20PD1A0526)
S.L.M.Madhuri(20PD1A0551)
M.A.S.Raghava(20PD1A0535)
D.Surendra Reddy(20PD1A0519)
E.Prasanth Venkata Kumar(20PD1A0520)
AGENDA
01 02 03 04

ABSTRACT INTRODUCTION EXISTING S/W AND H/W

In this abstract we In this METHOD AND REQUIREMENTS
are going to give a introduction we PROPOSED
summary of a are going to METHOD
project introduce what the
project is
AGENDA
01 02 03 04

ABSTRACT INTRODUCTION EXISTING S/W AND H/W

In this abstract we In this METHOD AND REQUIREMENTS
are going to give a introduction we PROPOSED
summary of a are going to METHOD
project introduce what the
project is
AGENDA
01 02 03 04

ABSTRACT INTRODUCTION EXISTING S/W AND H/W

In this abstract we In this METHOD AND REQUIREMENTS
are going to give a introduction we PROPOSED
summary of a are going to METHOD
project introduce what the
project is
AGENDA
01 02 03 04

ABSTRACT INTRODUCTION EXISTING S/W AND H/W

In this abstract we In this METHOD AND REQUIREMENTS
are going to give a introduction we PROPOSED
summary of a are going to METHOD
project introduce what the
project is
AGENDA
05 06 07 04
ADVANTAGES
FLOW CHART MODULES IMPLEMENTATIO AND
AND N DISADVANTAGES
ARCHITECTURE
AGENDA
05 06 07 04
ADVANTAGES
FLOW CHART MODULES IMPLEMENTATIO AND
AND N DISADVANTAGES
ARCHITECTURE
AGENDA
05 06 07 04
ADVANTAGES
FLOW CHART MODULES IMPLEMENTATIO AND
AND N DISADVANTAGES
ARCHITECTURE
AGENDA
05 06 07 08
ADVANTAGES
FLOW CHART MODULES IMPLEMENTATIO AND
AND N DISADVANTAGES
ARCHITECTURE
 ABSTRACT
 IOT security is increasingly vital as I voter
devices are prone to attacks.
 The paper presents a framework for real-
3 time deduction of malicious activities in IoT
2 4 systems.
 It merges machine learning, anomaly
1 5
detection, and network security for proactive
8 6 threat identification.
7  By analyzing network traffic and device
behavior, it efficiently detects diverse
attacks, bolstering IO T cybersecurity.
 The framework targets various IoT security
challenges, such as DDoS attack, malware,
and unauthorized access.
01
 INTRODUCTION
 IOT’s rapid expansion creates new cyber
security challenges.
2 3  Attacks on IoT infrastructure pose various
4 threats, including data breaches and service
1 5 disruptions.
 Traditional cybersecurity methods often
8 6 fall short in protecting IoT systems.
7  Resource constraints and lack of security
features heightened IoT device
vulnerabilities.
 Real- time detection mechanisms are
crucial to promptly respond to security
threats in IoT environments. 02
 EXISTING METHOD

1. IDS forms the core of real- time intrusion

deduction to IoT security systems
3 2. Machine learning and AI enhance IDS by
analyzing diverse data sets for emerging
2 4 threats.
1 5 3. Anomaly detection identifies deviations
from normal device behavior, triggering
8 6 alerts.
7 4. Threat intelligence feeds offer updated
data on known threats, aiding proactive
defense.
5. Integration of threat intelligence improves
real time reduction and mitigation of
attacks
03
 PROPOSED SYSTEM

1. Advanced anomaly reduction with tailored

machine learning for iot
3 4 2. Utilizes edge computing for real- time
2
detection closer to the source.
1
5 3. Advocates standardized security protocols
8 6
7 across IoT devices.
4. Integrates threat intelligence feeds to stay
ahead of emerging threats.
5. Promote collaborative difference and user
education for enhanced resilience. 04
 HARDWARE AND SOFTWARE
REQUIREMENTS

HARDWARE REQUIREMENTS:
• System : Pentium IV 2.4 GHz.
3
2 4 • Hard Disk : 40 GB.
1 5 • Ram : 512 Mb.

8 6
7 SOFTWARE REQUIREMENTS:
• Operating system : Windows.
• Coding Language : python.

05
 USE CASE DIAGRAM

Upload UNSW-NB15 Dataset

3 Pre-process Dataset

2 4
Dataset Train & Test Split

1 5
User.
Train Deep Learning GAN
Algorithm
8
7 6
Comparison Graph

Attack Prediction from Test Data

06
 ARCHITECTURE

3
2 4

1 5

8 6
7

07
MODULES PYTHON ECOSYSTEM OVERVIEW :

TENSOR FLOW : Google’s tensor flow facilities

data flow and differentiable programming
extensively used in machine learning system.
3 NUMPY: Numpy provide efficient array processing
2 4 and tools for scientific computing in Python .
PANDAS : pandas offers high- performance data
1 5 manipulation and analysis tools, crucial for various
domains .
8 6
7 MATPLOTLIB : Matplotlip enables the creation of
publication- quality plots in Python, vital for
visualization tasks.
Scikit-learn : Scikit-learn provides a wide range of
machine learning algorithms in Python, fostering
widespread adoption.
08
N:
N:
es
gital
ted
rage
m,data
S),
ter
,and
ess,so
olete
s to
lly,
SaaS
ES)
ed tinga
ordble
you-

IMPLEMENTATION
aem and
is
eys
ce's
pher
y.
gucial
aureis
on-
y,
pin
orld
for
orost
non-a
ding
nyle
and
ypes
cate
or -ed
oss
nd
es
are so
sage
a
the
ic
 DEVELOPMENT
PLANNING AND INTEGRATION DEPLOYMENT
OF MONITORING
DESIGN: AND DETECTION
AND TESTING : AND
MODULES: MAINTENANCE:
1. Identify the specific 1. Integrate the monitoring 1. 1 deploy the cybersecurity tool
cybersecurity requirements and and detection modules set in the target network
objectives for network 1. Implement modules for real- into a cohesive environment, following best
monitoring and intrusion time network monitoring, practices for security and
cybersecurity tool set.
detection capturing and analyzing performance.
2. Define the scope of the project, 2. To conduct thorough 2. Monitor the tool sets and
network traffic, and testing to validate the
including the types of threats monitoring system activities. production to identify any
to detect and the network functionality and issues or false positives /
2. Develop interaction detection
infrastructure to monitor. algorithms utilizing effectiveness of the tool negatives and perform regular
3. Design the architecture and set in detecting various updates and maintenance.
techniques such as signature-
components of the types of cyber threats 3. Provide documentation and
based detection, anomaly
cybersecurity tool set, 3. perform integration training for users to effectively
detection, and machine
considering factors such as utilize the tool set for ongoing
learning testing to ensure
scalability, performance, and network security monitoring
ease of deployment.
3. Integrate third party libraries compatibility with and intrusion detection.
4. Finally define requirements, or frameworks as needed, different network 4. Finally deploy tool sets,
scope, and architecture for the such as pyShark for packet environments and monitor, and provide ongoing
tool set capturing or scikit-learn for operating systems. maintenance.
machine learning algorithms
In above screen click on ‘Upload UNSW-NB15 Dataset’ button to upload dataset and then will get below output
In above screen selecting and uploading ‘UNSW’ dataset file and then click on ‘Open’ button to load dataset and then will get
below output
In above screen dataset loaded and in text area can see dataset contains both numeric and non-numeric values so by
employing label encoder class will convert non-numeric data to numeric data as Algorithm will take only numeric
values. In above graph x-axis represents attack names and y-axis represents count of those attacks found in dataset.
Now close above graph and then click on ‘Pre-process Dataset’ button to clean dataset and then will get below output
In above screen can see all dataset values converted to numeric format and in last lines can see dataset size and its
features or column numbers and now click on ‘Dataset Train & Test Split’ button to split dataset into train and test and
then will get below output
In above screen can see train and test and now click on ‘Train Deep Learning GAN Algorithm’ button to train model and get
below output
In above screen GAN model got 98% accuracy and can see other In above graph all different colour bars represents
metrics like precision, recall etc. In Confusion matrix graph x- different metrics and can see all metrics are closer to
axis represents Predicted Labels and y-axis represents True 100%. Now close above graph and then click on
Labels and all different colour boxes in diagnol represents ‘Attack Prediction from Test Data’ button to upload test
correct prediction count and remaining all blue boxes represents data and get below output
incorrect prediction count which are very few. Now close above
graph and then click on ‘Comparison Graph’ button to get below
graph
In above screen selecting and uploading ‘testdata.csv’ file and then click on ‘Open’ button to get below output
ADVANTAGES
 ADVANTAGES:

1. Advanced anomaly detection

tailored for IoT.
2. Utilization of machine learning for
real-time threat detection.
3. Integration of edge computing for
enhanced responsiveness.
4. Standardized security protocols
strengthen IoT device security.
5. Reduction of system compromise
risks through proactive threat
mitigation.
DISADVANTAGES
1. Complexity and heterogeneity hinder universal
detection in IoT environments.
2. Resource-intensive nature of real-time systems
poses challenges, especially for resource-constrained
devices.
3. Reliance on machine learning introduces
susceptibility to adversarial attacks and false
positives.
4. High volume of IoT data overwhelms detection
systems, leading to delays and false positives.
5. Lack of standardized security protocols in IoT
devices complicates comprehensive threat detection.
CONCLUSION :
In the realm of IoT-powered cybersecurity, detecting
real-time malicious intrusions and attacks is
paramount for upholding data integrity,
confidentiality, and service availability. Existing
systems, while foundational, face challenges due to
IoT complexity and security gaps. Proposed systems
offer tailored anomaly detection, edge computing
integration, and standardized security practices to
address these issues. Collaboration and education are
emphasized to bolster defense capabilities. As IoT
expands, ongoing innovation and collaboration are
essential for staying ahead of threats and ensuring the
reliability of IoT systems.
THANK YOU