Reference no: EM132407968
Assignment - Network Traffic Analysis Tools, Analysis using Python, Analysis using ML Approaches
Instructions -
1. In this assignment, you will explore the dataset and then analyze it using various approaches. The approaches you use are left open-ended so that you have sufficient freedom to make the choices that you think will give you the best outcomes. Analyze the dataset in the .pcap file using Wireshark and any other network traffic analysis tools, such as Snort, Security Onion, Nessus, etc. Your aim is first to understand the dataset and then to identify indicators of compromise (IOCs) in it. You will identify all IOCs and then explain them in your report. Make sure to apply all types of analysis available in the tool(s) that you decide to use. You also have labeled flows of the same traffic capture in CSV format. In the files, L2L means local to local, and L2R means local to remote. The six TCP control flags are: U, Urgent pointer valid flag; A, Acknowledgment number valid flag; P, Push flag; R, Reset connection flag; S, Synchronize sequence numbers flag; and F, End of data flag.
2. Export the pcap data capture to CSV format for further analysis using Python. Explore the dataset in different ways and find ways to prepare it for analysis using ML approaches. The labeled set is also very useful: it can be used for supervised ML as is, and for unsupervised ML by dropping the Label column.
3. Apply at least four machine learning approaches (supervised and/or unsupervised) to analyze the dataset. You should:
   a. Classify the data in some way using each machine learning approach.
   b. Compute the performance of each ML approach.
   c. Perform error analysis by comparing the results of different algorithms.
   d. Identify the algorithm(s) with the best performance.
4. Provide recommendations for improving the security posture of AZTek Corporation.
5. Explain any suspicious traffic that you were able to identify when you analyzed the traffic capture in the pcap file with Wireshark or some other tool(s).
Deliverables - You will compile a professional report to the CSO containing your findings from steps 1-4. Any sources should be cited in APA format. The report should be double-spaced in 12-point font and have a title page containing the name of the report.
Attachment:- Assignment Files.rar