0% found this document useful (0 votes)

14 views4 pages

Cyber Attack Report 1

On February 11, 2024, a Denial of Service (DoS) cyber attack was detected by the cybersecurity system at 13:24:50. The report details the attack's nature, impact, and the detection methods used by the Cybersecurity team. Specific sniffing details of the attack, including timestamps and protocol information, are also provided.

Uploaded by

64011064

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

14 views4 pages

Cyber Attack Report 1

Uploaded by

64011064

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

You are on page 1/ 4

Cybersecurity Incident Report

Incident Overview
On 02/11/2024, at 13:24:50, the cybersecurity system (IDPS) encountered a cyber attack identified

as a Denial of Service (DoS) attack. This report provides detailed information on the nature of the

attack, its impact, and the detection methods employed by the Cybersecurity team to mitigate it.

Incident Details

Date Time Attack Type Target Downtime Revenue Loss

Sniffing Details
No. Time IP Source IP Destination Protocol Length Information
144 13:24:44.772 11111111 10.1.1.1 TCP 63.28 [SYN] Seq=0 Win=512 Len=0

145 13:24:44.846 11111111 10.1.1.1 TCP 59.0 [SYN] Seq=0 Win=512 Len=0

169 13:24:44.831 Unknown Unknown TCP 1160.47 Unknown:Unknown:TCP

146 13:24:44.913 11111111 10.1.1.1 TCP 65.25 [SYN] Seq=0 Win=512 Len=0

147 13:24:44.981 11111111 10.1.1.1 TCP 56.34 [SYN] Seq=0 Win=512 Len=0

148 13:24:45.048 11111111 10.1.1.1 TCP 66.65 [SYN] Seq=0 Win=512 Len=0

149 13:24:45.115 11111111 10.1.1.1 TCP 66.3 [SYN] Seq=0 Win=512 Len=0

170 13:24:45.031 Unknown Unknown TCP 671.14 Unknown:Unknown:TCP

150 13:24:45.183 11111111 10.1.1.1 TCP 60.7 [SYN] Seq=0 Win=512 Len=0

151 13:24:45.251 11111111 10.1.1.1 TCP 62.01 [SYN] Seq=0 Win=512 Len=0

171 13:24:45.232 Unknown Unknown OSPF 1158.75 Unknown:Unknown:OSPF

152 13:24:45.318 11111111 10.1.1.1 TCP 60.25 [SYN] Seq=0 Win=512 Len=0

153 13:24:45.400 11111111 10.1.1.1 TCP 64.15 [SYN] Seq=0 Win=512 Len=0

172 13:24:45.432 Unknown Unknown TLSv1.2 192.63 Unknown:Unknown:TLSv1.2

154 13:24:45.467 11111111 10.1.1.1 TCP 66.68 [SYN] Seq=0 Win=512 Len=0

155 13:24:45.534 11111111 10.1.1.1 TCP 63.75 [SYN] Seq=0 Win=512 Len=0

156 13:24:45.639 11111111 10.1.1.1 TCP 56.66 [SYN] Seq=0 Win=512 Len=0

173 13:24:45.643 Unknown Unknown SNMP 806.22 Unknown:Unknown:SNMP

157 13:24:45.780 11111111 10.1.1.1 TCP 58.52 [SYN] Seq=0 Win=512 Len=0

158 13:24:45.847 11111111 10.1.1.1 TCP 56.73 [SYN] Seq=0 Win=512 Len=0

174 13:24:45.843 Unknown Unknown TLSv1.2 990.43 Unknown:Unknown:TLSv1.2

159 13:24:45.915 11111111 10.1.1.1 TCP 49.35 [SYN] Seq=0 Win=512 Len=0
160 13:24:45.997 11111111 10.1.1.1 TCP 56.14 [SYN] Seq=0 Win=512 Len=0

161 13:24:46.064 11111111 10.1.1.1 TCP 70.01 [SYN] Seq=0 Win=512 Len=0

175 13:24:46.044 Unknown Unknown TCP 935.04 Unknown:Unknown:TCP

162 13:24:46.132 11111111 10.1.1.1 TCP 48.86 [SYN] Seq=0 Win=512 Len=0

Page 1
Cybersecurity Incident Report

163 13:24:46.212 11111111 10.1.1.1 TCP 55.72 [SYN] Seq=0 Win=512 Len=0

176 13:24:46.244 Unknown Unknown OSPF 659.67 Unknown:Unknown:OSPF

164 13:24:46.280 11111111 10.1.1.1 TCP 68.83 [SYN] Seq=0 Win=512 Len=0

165 13:24:46.347 11111111 10.1.1.1 TCP 52.05 [SYN] Seq=0 Win=512 Len=0

166 13:24:46.415 11111111 10.1.1.1 TCP 75.94 [SYN] Seq=0 Win=512 Len=0

177 13:24:46.444 Unknown Unknown TLSv1.2 952.85 Unknown:Unknown:TLSv1.2

167 13:24:46.483 11111111 10.1.1.1 TCP 73.95 [SYN] Seq=0 Win=512 Len=0

168 13:24:46.554 11111111 10.1.1.1 TCP 73.86 [SYN] Seq=0 Win=512 Len=0

178 13:24:46.651 Unknown Unknown SNMP 435.17 Unknown:Unknown:SNMP

169 13:24:46.781 11111111 10.1.1.1 TCP 70.41 [SYN] Seq=0 Win=512 Len=0

179 13:24:46.851 Unknown Unknown ICMP 575.24 Unknown:Unknown:ICMP

170 13:24:46.982 11111111 10.1.1.1 TCP 45.89 [SYN] Seq=0 Win=512 Len=0

171 13:24:47.050 11111111 10.1.1.1 TCP 59.67 [SYN] Seq=0 Win=512 Len=0

180 13:24:47.052 Unknown Unknown ICMP 489.93 Unknown:Unknown:ICMP

172 13:24:47.117 11111111 10.1.1.1 TCP 77.94 [SYN] Seq=0 Win=512 Len=0
173 13:24:47.185 11111111 10.1.1.1 TCP 74.28 [SYN] Seq=0 Win=512 Len=0

174 13:24:47.252 11111111 10.1.1.1 TCP 55.38 [SYN] Seq=0 Win=512 Len=0

181 13:24:47.252 Unknown Unknown UDP 169.35 Unknown:Unknown:UDP

175 13:24:47.319 11111111 10.1.1.1 TCP 43.44 [SYN] Seq=0 Win=512 Len=0

176 13:24:47.386 11111111 10.1.1.1 TCP 60.18 [SYN] Seq=0 Win=512 Len=0

177 13:24:47.454 11111111 10.1.1.1 TCP 57.42 [SYN] Seq=0 Win=512 Len=0

182 13:24:47.453 Unknown Unknown ICMP 585.87 Unknown:Unknown:ICMP

178 13:24:47.521 11111111 10.1.1.1 TCP 43.87 [SYN] Seq=0 Win=512 Len=0

179 13:24:47.601 11111111 10.1.1.1 TCP 66.7 [SYN] Seq=0 Win=512 Len=0

180 13:24:47.668 11111111 10.1.1.1 TCP 59.89 [SYN] Seq=0 Win=512 Len=0

183 13:24:47.653 Unknown Unknown SNMP 182.75 Unknown:Unknown:SNMP

181 13:24:47.735 11111111 10.1.1.1 TCP 75.15 [SYN] Seq=0 Win=512 Len=0

182 13:24:47.818 11111111 10.1.1.1 TCP 62.83 [SYN] Seq=0 Win=512 Len=0

184 13:24:47.869 Unknown Unknown TLSv1.2 803.95 Unknown:Unknown:TLSv1.2

183 13:24:48.019 11111111 10.1.1.1 TCP 67.72 [SYN] Seq=0 Win=512 Len=0

184 13:24:48.088 11111111 10.1.1.1 TCP 65.03 [SYN] Seq=0 Win=512 Len=0
185 13:24:48.069 Unknown Unknown ICMP 957.41 Unknown:Unknown:ICMP

185 13:24:48.155 11111111 10.1.1.1 TCP 60.33 [SYN] Seq=0 Win=512 Len=0

186 13:24:48.238 11111111 10.1.1.1 TCP 55.92 [SYN] Seq=0 Win=512 Len=0

187 13:24:48.305 11111111 10.1.1.1 TCP 72.99 [SYN] Seq=0 Win=512 Len=0

186 13:24:48.271 Unknown Unknown UDP 426.73 Unknown:Unknown:UDP

188 13:24:48.373 11111111 10.1.1.1 TCP 53.95 [SYN] Seq=0 Win=512 Len=0

189 13:24:48.440 11111111 10.1.1.1 TCP 58.69 [SYN] Seq=0 Win=512 Len=0

187 13:24:48.472 Unknown Unknown SNMP 732.47 Unknown:Unknown:SNMP

190 13:24:48.508 11111111 10.1.1.1 TCP 59.44 [SYN] Seq=0 Win=512 Len=0

191 13:24:48.592 11111111 10.1.1.1 TCP 61.24 [SYN] Seq=0 Win=512 Len=0

192 13:24:48.659 11111111 10.1.1.1 TCP 39.21 [SYN] Seq=0 Win=512 Len=0

188 13:24:48.672 Unknown Unknown ICMP 104.84 Unknown:Unknown:ICMP

Page 2
Cybersecurity Incident Report

193 13:24:48.727 11111111 10.1.1.1 TCP 70.35 [SYN] Seq=0 Win=512 Len=0

194 13:24:48.806 11111111 10.1.1.1 TCP 65.01 [SYN] Seq=0 Win=512 Len=0

189 13:24:48.883 Unknown Unknown SNMP 997.53 Unknown:Unknown:SNMP

195 13:24:49.026 11111111 10.1.1.1 TCP 66.55 [SYN] Seq=0 Win=512 Len=0

196 13:24:49.095 11111111 10.1.1.1 TCP 70.04 [SYN] Seq=0 Win=512 Len=0

190 13:24:49.084 Unknown Unknown SNMP 138.0 Unknown:Unknown:SNMP

197 13:24:49.162 11111111 10.1.1.1 TCP 75.94 [SYN] Seq=0 Win=512 Len=0

198 13:24:49.243 11111111 10.1.1.1 TCP 60.53 [SYN] Seq=0 Win=512 Len=0

199 13:24:49.310 11111111 10.1.1.1 TCP 74.93 [SYN] Seq=0 Win=512 Len=0

200 13:24:49.378 11111111 10.1.1.1 TCP 48.26 [SYN] Seq=0 Win=512 Len=0

191 13:24:49.286 Unknown Unknown TCP 801.17 Unknown:Unknown:TCP

201 13:24:49.444 11111111 10.1.1.1 TCP 62.48 [SYN] Seq=0 Win=512 Len=0

192 13:24:49.486 Unknown Unknown ICMP 729.53 Unknown:Unknown:ICMP

202 13:24:49.512 11111111 10.1.1.1 TCP 57.18 [SYN] Seq=0 Win=512 Len=0

203 13:24:49.593 11111111 10.1.1.1 TCP 60.42 [SYN] Seq=0 Win=512 Len=0
204 13:24:49.661 11111111 10.1.1.1 TCP 68.91 [SYN] Seq=0 Win=512 Len=0

205 13:24:49.729 11111111 10.1.1.1 TCP 65.45 [SYN] Seq=0 Win=512 Len=0

193 13:24:49.686 Unknown Unknown ICMP 950.82 Unknown:Unknown:ICMP

206 13:24:49.808 11111111 10.1.1.1 TCP 62.37 [SYN] Seq=0 Win=512 Len=0

194 13:24:49.892 Unknown Unknown OSPF 1150.46 Unknown:Unknown:OSPF

207 13:24:50.037 11111111 10.1.1.1 TCP 64.83 [SYN] Seq=0 Win=512 Len=0

Detection and Response Metrics

Metric Time (Seconds)

Mean Time to Detect (MTTD) 21

Mean Time to Respond (MTTR) 4

Detection Techniques
Two key detection methods were used:

1. EWMA (Exponentially Weighted Moving Average)

Page 3
Cybersecurity Incident Report

2. SVM (Support Vector Machine)

Response and Mitigation

Mitigation Action Description Outcome

IP Blocking = Blocked malicious IPs Attack reduced by 100%

Machine Learning Training Stricter filtering Better Classification

Conclusion
This report summarizes the events of the DoS attack, highlighting the quick detection and response

efforts. Ongoing efforts will strengthen the system to prevent similar attacks.

Page 4

Vulnerability Scan Report - Sample
No ratings yet
Vulnerability Scan Report - Sample
102 pages
Metasploit Greenbone Full Scan Report 6.9
No ratings yet
Metasploit Greenbone Full Scan Report 6.9
88 pages
How To Read The Wireshark TCP - HTTP Log
0% (1)
How To Read The Wireshark TCP - HTTP Log
8 pages
Wireshark Notes
No ratings yet
Wireshark Notes
6 pages
Scan Report Metaspolite
No ratings yet
Scan Report Metaspolite
37 pages
Scan Report: June 4, 2023
No ratings yet
Scan Report: June 4, 2023
63 pages
Packet Analysis For Beginners Lab
100% (1)
Packet Analysis For Beginners Lab
38 pages
Americasbodega
No ratings yet
Americasbodega
18 pages
Log
No ratings yet
Log
386 pages
Screenshot 2022-04-26 at 9.55.11 PM
No ratings yet
Screenshot 2022-04-26 at 9.55.11 PM
111 pages
BRKSEC 3533 Snort TSHOOT
No ratings yet
BRKSEC 3533 Snort TSHOOT
181 pages
E.104 131 56 232 50 247 103 121 38 142 77 171 38 142 77 172 38 106 42 13 Fzah3v
No ratings yet
E.104 131 56 232 50 247 103 121 38 142 77 171 38 142 77 172 38 106 42 13 Fzah3v
227 pages
Notes Checkpoint CLI Commands
100% (1)
Notes Checkpoint CLI Commands
16 pages
Pru Uno Con Fire
No ratings yet
Pru Uno Con Fire
14 pages
Vulnerabilities in TCP-IP
No ratings yet
Vulnerabilities in TCP-IP
61 pages
TCP Attack Lab
No ratings yet
TCP Attack Lab
13 pages
Ghost
No ratings yet
Ghost
6 pages
Lec21 Security
No ratings yet
Lec21 Security
51 pages
Introduction To Network Security: Guest Lecture Debabrata Dash
No ratings yet
Introduction To Network Security: Guest Lecture Debabrata Dash
47 pages
22B91A04A8 TCP SYN Flood Detection Using Wireshark
No ratings yet
22B91A04A8 TCP SYN Flood Detection Using Wireshark
9 pages
CNS Lecture2 1
No ratings yet
CNS Lecture2 1
38 pages
2-Cyber Attacks - Network Infrastructure Attack, OS Attack-19!07!2024
No ratings yet
2-Cyber Attacks - Network Infrastructure Attack, OS Attack-19!07!2024
44 pages
Vulnerabilities in TCP/IP Protocols
No ratings yet
Vulnerabilities in TCP/IP Protocols
61 pages
NSS Lecture 4 - Network Attacks
No ratings yet
NSS Lecture 4 - Network Attacks
38 pages
Tcpip
No ratings yet
Tcpip
26 pages
IDP Presentation
No ratings yet
IDP Presentation
43 pages
Taller
No ratings yet
Taller
159 pages
Reporte Metaexploitabe2 Con OpenVAS
No ratings yet
Reporte Metaexploitabe2 Con OpenVAS
104 pages
Eaheart CurrentInternetThreats
No ratings yet
Eaheart CurrentInternetThreats
32 pages
Outline
No ratings yet
Outline
43 pages
Scan Report
No ratings yet
Scan Report
35 pages
Class 8
No ratings yet
Class 8
25 pages
21mis0174 VL2024250103043 Ast03
No ratings yet
21mis0174 VL2024250103043 Ast03
23 pages
Report 1
No ratings yet
Report 1
33 pages
Isa 2000
No ratings yet
Isa 2000
72 pages
Windows Report
No ratings yet
Windows Report
36 pages
Nmap Packet Trace
No ratings yet
Nmap Packet Trace
19 pages
PCI PTS POI - SRED v4.x
No ratings yet
PCI PTS POI - SRED v4.x
51 pages
Mechanical Engineering - Lab Manual For Measurement and Instrumentation
No ratings yet
Mechanical Engineering - Lab Manual For Measurement and Instrumentation
18 pages
Informe Completo
No ratings yet
Informe Completo
25 pages
Scan of Freds
No ratings yet
Scan of Freds
39 pages
Task Solution
No ratings yet
Task Solution
20 pages
Network Security: Presented By: Dr. Munam Ali Shah
No ratings yet
Network Security: Presented By: Dr. Munam Ali Shah
32 pages
Netstat
No ratings yet
Netstat
14 pages
Iptables DDoS Protection Using Netfilter/iptables
No ratings yet
Iptables DDoS Protection Using Netfilter/iptables
38 pages
1.reporte de Vunerabilidades GreenBone
No ratings yet
1.reporte de Vunerabilidades GreenBone
9 pages
Introduction To Network Security: Guest Lecture Debabrata Dash
No ratings yet
Introduction To Network Security: Guest Lecture Debabrata Dash
47 pages
CS 640: Introduction To Computer Networks: Aditya Akella Lecture 25 - Network Security
No ratings yet
CS 640: Introduction To Computer Networks: Aditya Akella Lecture 25 - Network Security
39 pages
Not A Certified PCI Report: Scan Results
No ratings yet
Not A Certified PCI Report: Scan Results
12 pages
Midtest NguyenLeHoangThong
No ratings yet
Midtest NguyenLeHoangThong
8 pages
Wireshark
No ratings yet
Wireshark
8 pages
Group Work Netwwork Security and Cryptology
No ratings yet
Group Work Netwwork Security and Cryptology
9 pages
Caaaaaap
No ratings yet
Caaaaaap
5 pages
11 TCP Ip
No ratings yet
11 TCP Ip
20 pages
Static Nat Pix
No ratings yet
Static Nat Pix
15 pages
Detecting Suspicious Activity (Analyzing Different Traffics) .
No ratings yet
Detecting Suspicious Activity (Analyzing Different Traffics) .
3 pages
SYN Packet Generation by Scapy & SYN Flood Prevention Using Iptables PDF
No ratings yet
SYN Packet Generation by Scapy & SYN Flood Prevention Using Iptables PDF
6 pages
TCP-IP Cheat Sheet
No ratings yet
TCP-IP Cheat Sheet
2 pages
3.4. Sharpening Spatial Filtering
No ratings yet
3.4. Sharpening Spatial Filtering
45 pages
Netstat Ref Unix
No ratings yet
Netstat Ref Unix
4 pages
Software Project Management: Dr. R. Mall
No ratings yet
Software Project Management: Dr. R. Mall
87 pages
Canon I350 Waste Tank Full - Fixyourownprinter
No ratings yet
Canon I350 Waste Tank Full - Fixyourownprinter
22 pages
Pega (PRPC) Concepts PDF
No ratings yet
Pega (PRPC) Concepts PDF
14 pages
Course Unit - Human Flourishing in Science and Technology-Merged
No ratings yet
Course Unit - Human Flourishing in Science and Technology-Merged
24 pages
BioData-Pragati Pandit
No ratings yet
BioData-Pragati Pandit
4 pages
Mvi 812
No ratings yet
Mvi 812
1 page
PRACRES1 Syllabus
No ratings yet
PRACRES1 Syllabus
9 pages
Walmart's (Key Success Factors)
No ratings yet
Walmart's (Key Success Factors)
4 pages
Vlsi Module-3
No ratings yet
Vlsi Module-3
129 pages
Delft3D-WAVE User Manual PDF
No ratings yet
Delft3D-WAVE User Manual PDF
226 pages
Algebraic Geometry For Geometric Modeling: Ragni Piene
No ratings yet
Algebraic Geometry For Geometric Modeling: Ragni Piene
46 pages
Application For Admission in " KV NO.2 NAUSENABAUGH "
No ratings yet
Application For Admission in " KV NO.2 NAUSENABAUGH "
7 pages
MS-7549 Ver:0A
No ratings yet
MS-7549 Ver:0A
34 pages
Duracell CR2 Datasheet
No ratings yet
Duracell CR2 Datasheet
2 pages
Wendland, Aristeae Ad Philocratem Epistula
No ratings yet
Wendland, Aristeae Ad Philocratem Epistula
275 pages
RHLS User Guidelines PDF
No ratings yet
RHLS User Guidelines PDF
50 pages
Servers
No ratings yet
Servers
4 pages
CQF Brochure
No ratings yet
CQF Brochure
24 pages
Digital Check SmartSource Pro English
No ratings yet
Digital Check SmartSource Pro English
2 pages
Anh Do Biography
No ratings yet
Anh Do Biography
2 pages
Etx 2 v6.7 - Datasheet
No ratings yet
Etx 2 v6.7 - Datasheet
13 pages
Blog - Are Smartphone Rentals Value Fo... - Mobile World Live
No ratings yet
Blog - Are Smartphone Rentals Value Fo... - Mobile World Live
8 pages
BIM Project Delivery Waste
No ratings yet
BIM Project Delivery Waste
6 pages
Corvis Prospekt 4 Seitig 0611
No ratings yet
Corvis Prospekt 4 Seitig 0611
4 pages
Boost Performance of Informatica Lookups
No ratings yet
Boost Performance of Informatica Lookups
5 pages
ZYAROCK Artec Pot Leaflet (En)
No ratings yet
ZYAROCK Artec Pot Leaflet (En)
2 pages
CISCO PACKET TRACER LABS: Best practice of configuring or troubleshooting Network
From Everand
CISCO PACKET TRACER LABS: Best practice of configuring or troubleshooting Network
Mulayam Singh
No ratings yet
Network with Practical Labs Configuration: Step by Step configuration of Router and Switch configuration
From Everand
Network with Practical Labs Configuration: Step by Step configuration of Router and Switch configuration
Mulayam Singh
No ratings yet
CompTIA Cloud+ Study Guide: Exam CV0-003
From Everand
CompTIA Cloud+ Study Guide: Exam CV0-003
Ben Piper
No ratings yet

Cyber Attack Report 1

Uploaded by

Cyber Attack Report 1

Uploaded by

Cybersecurity Incident Report

Date Time Attack Type Target Downtime Revenue Loss

169 13:24:44.831 Unknown Unknown TCP 1160.47 Unknown:Unknown:TCP

170 13:24:45.031 Unknown Unknown TCP 671.14 Unknown:Unknown:TCP

171 13:24:45.232 Unknown Unknown OSPF 1158.75 Unknown:Unknown:OSPF

172 13:24:45.432 Unknown Unknown TLSv1.2 192.63 Unknown:Unknown:TLSv1.2

173 13:24:45.643 Unknown Unknown SNMP 806.22 Unknown:Unknown:SNMP

174 13:24:45.843 Unknown Unknown TLSv1.2 990.43 Unknown:Unknown:TLSv1.2

175 13:24:46.044 Unknown Unknown TCP 935.04 Unknown:Unknown:TCP

176 13:24:46.244 Unknown Unknown OSPF 659.67 Unknown:Unknown:OSPF

177 13:24:46.444 Unknown Unknown TLSv1.2 952.85 Unknown:Unknown:TLSv1.2

178 13:24:46.651 Unknown Unknown SNMP 435.17 Unknown:Unknown:SNMP

179 13:24:46.851 Unknown Unknown ICMP 575.24 Unknown:Unknown:ICMP

180 13:24:47.052 Unknown Unknown ICMP 489.93 Unknown:Unknown:ICMP

181 13:24:47.252 Unknown Unknown UDP 169.35 Unknown:Unknown:UDP

182 13:24:47.453 Unknown Unknown ICMP 585.87 Unknown:Unknown:ICMP

183 13:24:47.653 Unknown Unknown SNMP 182.75 Unknown:Unknown:SNMP

184 13:24:47.869 Unknown Unknown TLSv1.2 803.95 Unknown:Unknown:TLSv1.2

186 13:24:48.271 Unknown Unknown UDP 426.73 Unknown:Unknown:UDP

187 13:24:48.472 Unknown Unknown SNMP 732.47 Unknown:Unknown:SNMP

188 13:24:48.672 Unknown Unknown ICMP 104.84 Unknown:Unknown:ICMP

189 13:24:48.883 Unknown Unknown SNMP 997.53 Unknown:Unknown:SNMP

190 13:24:49.084 Unknown Unknown SNMP 138.0 Unknown:Unknown:SNMP

191 13:24:49.286 Unknown Unknown TCP 801.17 Unknown:Unknown:TCP

192 13:24:49.486 Unknown Unknown ICMP 729.53 Unknown:Unknown:ICMP

193 13:24:49.686 Unknown Unknown ICMP 950.82 Unknown:Unknown:ICMP

194 13:24:49.892 Unknown Unknown OSPF 1150.46 Unknown:Unknown:OSPF

Detection and Response Metrics

Metric Time (Seconds)

Mean Time to Detect (MTTD) 21

Mean Time to Respond (MTTR) 4

1. EWMA (Exponentially Weighted Moving Average)

2. SVM (Support Vector Machine)

Response and Mitigation

Mitigation Action Description Outcome

IP Blocking = Blocked malicious IPs Attack reduced by 100%

Machine Learning Training Stricter filtering Better Classification

You might also like