0% found this document useful (0 votes)

14 views4 pages

Cyber Attack Report 1

On February 11, 2024, a Denial of Service (DoS) cyber attack was detected by the cybersecurity system at 13:24:50. The report details the attack's nature, impact, and the detection methods used by the Cybersecurity team. Specific sniffing details of the attack, including timestamps and protocol information, are also provided.

Uploaded by

64011064

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

14 views4 pages

Cyber Attack Report 1

Uploaded by

64011064

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

You are on page 1/ 4

Cybersecurity Incident Report

Incident Overview
On 02/11/2024, at 13:24:50, the cybersecurity system (IDPS) encountered a cyber attack identified

as a Denial of Service (DoS) attack. This report provides detailed information on the nature of the

attack, its impact, and the detection methods employed by the Cybersecurity team to mitigate it.

Incident Details

Date Time Attack Type Target Downtime Revenue Loss

Sniffing Details
No. Time IP Source IP Destination Protocol Length Information
144 13:24:44.772 11111111 10.1.1.1 TCP 63.28 [SYN] Seq=0 Win=512 Len=0

145 13:24:44.846 11111111 10.1.1.1 TCP 59.0 [SYN] Seq=0 Win=512 Len=0

169 13:24:44.831 Unknown Unknown TCP 1160.47 Unknown:Unknown:TCP

146 13:24:44.913 11111111 10.1.1.1 TCP 65.25 [SYN] Seq=0 Win=512 Len=0

147 13:24:44.981 11111111 10.1.1.1 TCP 56.34 [SYN] Seq=0 Win=512 Len=0

148 13:24:45.048 11111111 10.1.1.1 TCP 66.65 [SYN] Seq=0 Win=512 Len=0

149 13:24:45.115 11111111 10.1.1.1 TCP 66.3 [SYN] Seq=0 Win=512 Len=0

170 13:24:45.031 Unknown Unknown TCP 671.14 Unknown:Unknown:TCP

150 13:24:45.183 11111111 10.1.1.1 TCP 60.7 [SYN] Seq=0 Win=512 Len=0

151 13:24:45.251 11111111 10.1.1.1 TCP 62.01 [SYN] Seq=0 Win=512 Len=0

171 13:24:45.232 Unknown Unknown OSPF 1158.75 Unknown:Unknown:OSPF

152 13:24:45.318 11111111 10.1.1.1 TCP 60.25 [SYN] Seq=0 Win=512 Len=0

153 13:24:45.400 11111111 10.1.1.1 TCP 64.15 [SYN] Seq=0 Win=512 Len=0

172 13:24:45.432 Unknown Unknown TLSv1.2 192.63 Unknown:Unknown:TLSv1.2

154 13:24:45.467 11111111 10.1.1.1 TCP 66.68 [SYN] Seq=0 Win=512 Len=0

155 13:24:45.534 11111111 10.1.1.1 TCP 63.75 [SYN] Seq=0 Win=512 Len=0

156 13:24:45.639 11111111 10.1.1.1 TCP 56.66 [SYN] Seq=0 Win=512 Len=0

173 13:24:45.643 Unknown Unknown SNMP 806.22 Unknown:Unknown:SNMP

157 13:24:45.780 11111111 10.1.1.1 TCP 58.52 [SYN] Seq=0 Win=512 Len=0

158 13:24:45.847 11111111 10.1.1.1 TCP 56.73 [SYN] Seq=0 Win=512 Len=0

174 13:24:45.843 Unknown Unknown TLSv1.2 990.43 Unknown:Unknown:TLSv1.2

159 13:24:45.915 11111111 10.1.1.1 TCP 49.35 [SYN] Seq=0 Win=512 Len=0
160 13:24:45.997 11111111 10.1.1.1 TCP 56.14 [SYN] Seq=0 Win=512 Len=0

161 13:24:46.064 11111111 10.1.1.1 TCP 70.01 [SYN] Seq=0 Win=512 Len=0

175 13:24:46.044 Unknown Unknown TCP 935.04 Unknown:Unknown:TCP

162 13:24:46.132 11111111 10.1.1.1 TCP 48.86 [SYN] Seq=0 Win=512 Len=0

Page 1
Cybersecurity Incident Report

163 13:24:46.212 11111111 10.1.1.1 TCP 55.72 [SYN] Seq=0 Win=512 Len=0

176 13:24:46.244 Unknown Unknown OSPF 659.67 Unknown:Unknown:OSPF

164 13:24:46.280 11111111 10.1.1.1 TCP 68.83 [SYN] Seq=0 Win=512 Len=0

165 13:24:46.347 11111111 10.1.1.1 TCP 52.05 [SYN] Seq=0 Win=512 Len=0

166 13:24:46.415 11111111 10.1.1.1 TCP 75.94 [SYN] Seq=0 Win=512 Len=0

177 13:24:46.444 Unknown Unknown TLSv1.2 952.85 Unknown:Unknown:TLSv1.2

167 13:24:46.483 11111111 10.1.1.1 TCP 73.95 [SYN] Seq=0 Win=512 Len=0

168 13:24:46.554 11111111 10.1.1.1 TCP 73.86 [SYN] Seq=0 Win=512 Len=0

178 13:24:46.651 Unknown Unknown SNMP 435.17 Unknown:Unknown:SNMP

169 13:24:46.781 11111111 10.1.1.1 TCP 70.41 [SYN] Seq=0 Win=512 Len=0

179 13:24:46.851 Unknown Unknown ICMP 575.24 Unknown:Unknown:ICMP

170 13:24:46.982 11111111 10.1.1.1 TCP 45.89 [SYN] Seq=0 Win=512 Len=0

171 13:24:47.050 11111111 10.1.1.1 TCP 59.67 [SYN] Seq=0 Win=512 Len=0

180 13:24:47.052 Unknown Unknown ICMP 489.93 Unknown:Unknown:ICMP

172 13:24:47.117 11111111 10.1.1.1 TCP 77.94 [SYN] Seq=0 Win=512 Len=0
173 13:24:47.185 11111111 10.1.1.1 TCP 74.28 [SYN] Seq=0 Win=512 Len=0

174 13:24:47.252 11111111 10.1.1.1 TCP 55.38 [SYN] Seq=0 Win=512 Len=0

181 13:24:47.252 Unknown Unknown UDP 169.35 Unknown:Unknown:UDP

175 13:24:47.319 11111111 10.1.1.1 TCP 43.44 [SYN] Seq=0 Win=512 Len=0

176 13:24:47.386 11111111 10.1.1.1 TCP 60.18 [SYN] Seq=0 Win=512 Len=0

177 13:24:47.454 11111111 10.1.1.1 TCP 57.42 [SYN] Seq=0 Win=512 Len=0

182 13:24:47.453 Unknown Unknown ICMP 585.87 Unknown:Unknown:ICMP

178 13:24:47.521 11111111 10.1.1.1 TCP 43.87 [SYN] Seq=0 Win=512 Len=0

179 13:24:47.601 11111111 10.1.1.1 TCP 66.7 [SYN] Seq=0 Win=512 Len=0

180 13:24:47.668 11111111 10.1.1.1 TCP 59.89 [SYN] Seq=0 Win=512 Len=0

183 13:24:47.653 Unknown Unknown SNMP 182.75 Unknown:Unknown:SNMP

181 13:24:47.735 11111111 10.1.1.1 TCP 75.15 [SYN] Seq=0 Win=512 Len=0

182 13:24:47.818 11111111 10.1.1.1 TCP 62.83 [SYN] Seq=0 Win=512 Len=0

184 13:24:47.869 Unknown Unknown TLSv1.2 803.95 Unknown:Unknown:TLSv1.2

183 13:24:48.019 11111111 10.1.1.1 TCP 67.72 [SYN] Seq=0 Win=512 Len=0

184 13:24:48.088 11111111 10.1.1.1 TCP 65.03 [SYN] Seq=0 Win=512 Len=0
185 13:24:48.069 Unknown Unknown ICMP 957.41 Unknown:Unknown:ICMP

185 13:24:48.155 11111111 10.1.1.1 TCP 60.33 [SYN] Seq=0 Win=512 Len=0

186 13:24:48.238 11111111 10.1.1.1 TCP 55.92 [SYN] Seq=0 Win=512 Len=0

187 13:24:48.305 11111111 10.1.1.1 TCP 72.99 [SYN] Seq=0 Win=512 Len=0

186 13:24:48.271 Unknown Unknown UDP 426.73 Unknown:Unknown:UDP

188 13:24:48.373 11111111 10.1.1.1 TCP 53.95 [SYN] Seq=0 Win=512 Len=0

189 13:24:48.440 11111111 10.1.1.1 TCP 58.69 [SYN] Seq=0 Win=512 Len=0

187 13:24:48.472 Unknown Unknown SNMP 732.47 Unknown:Unknown:SNMP

190 13:24:48.508 11111111 10.1.1.1 TCP 59.44 [SYN] Seq=0 Win=512 Len=0

191 13:24:48.592 11111111 10.1.1.1 TCP 61.24 [SYN] Seq=0 Win=512 Len=0

192 13:24:48.659 11111111 10.1.1.1 TCP 39.21 [SYN] Seq=0 Win=512 Len=0

188 13:24:48.672 Unknown Unknown ICMP 104.84 Unknown:Unknown:ICMP

Page 2
Cybersecurity Incident Report

193 13:24:48.727 11111111 10.1.1.1 TCP 70.35 [SYN] Seq=0 Win=512 Len=0

194 13:24:48.806 11111111 10.1.1.1 TCP 65.01 [SYN] Seq=0 Win=512 Len=0

189 13:24:48.883 Unknown Unknown SNMP 997.53 Unknown:Unknown:SNMP

195 13:24:49.026 11111111 10.1.1.1 TCP 66.55 [SYN] Seq=0 Win=512 Len=0

196 13:24:49.095 11111111 10.1.1.1 TCP 70.04 [SYN] Seq=0 Win=512 Len=0

190 13:24:49.084 Unknown Unknown SNMP 138.0 Unknown:Unknown:SNMP

197 13:24:49.162 11111111 10.1.1.1 TCP 75.94 [SYN] Seq=0 Win=512 Len=0

198 13:24:49.243 11111111 10.1.1.1 TCP 60.53 [SYN] Seq=0 Win=512 Len=0

199 13:24:49.310 11111111 10.1.1.1 TCP 74.93 [SYN] Seq=0 Win=512 Len=0

200 13:24:49.378 11111111 10.1.1.1 TCP 48.26 [SYN] Seq=0 Win=512 Len=0

191 13:24:49.286 Unknown Unknown TCP 801.17 Unknown:Unknown:TCP

201 13:24:49.444 11111111 10.1.1.1 TCP 62.48 [SYN] Seq=0 Win=512 Len=0

192 13:24:49.486 Unknown Unknown ICMP 729.53 Unknown:Unknown:ICMP

202 13:24:49.512 11111111 10.1.1.1 TCP 57.18 [SYN] Seq=0 Win=512 Len=0

203 13:24:49.593 11111111 10.1.1.1 TCP 60.42 [SYN] Seq=0 Win=512 Len=0
204 13:24:49.661 11111111 10.1.1.1 TCP 68.91 [SYN] Seq=0 Win=512 Len=0

205 13:24:49.729 11111111 10.1.1.1 TCP 65.45 [SYN] Seq=0 Win=512 Len=0

193 13:24:49.686 Unknown Unknown ICMP 950.82 Unknown:Unknown:ICMP

206 13:24:49.808 11111111 10.1.1.1 TCP 62.37 [SYN] Seq=0 Win=512 Len=0

194 13:24:49.892 Unknown Unknown OSPF 1150.46 Unknown:Unknown:OSPF

207 13:24:50.037 11111111 10.1.1.1 TCP 64.83 [SYN] Seq=0 Win=512 Len=0

Detection and Response Metrics

Metric Time (Seconds)

Mean Time to Detect (MTTD) 21

Mean Time to Respond (MTTR) 4

Detection Techniques
Two key detection methods were used:

1. EWMA (Exponentially Weighted Moving Average)

Page 3
Cybersecurity Incident Report

2. SVM (Support Vector Machine)

Response and Mitigation

Mitigation Action Description Outcome

IP Blocking = Blocked malicious IPs Attack reduced by 100%

Machine Learning Training Stricter filtering Better Classification

Conclusion
This report summarizes the events of the DoS attack, highlighting the quick detection and response

efforts. Ongoing efforts will strengthen the system to prevent similar attacks.

Page 4

Metasploit Greenbone Full Scan Report 6.9
No ratings yet
Metasploit Greenbone Full Scan Report 6.9
88 pages
EJPT Cheat Sheet
100% (2)
EJPT Cheat Sheet
49 pages
Vulnerability Scan Report - Sample
No ratings yet
Vulnerability Scan Report - Sample
102 pages
Wireshark Notes
No ratings yet
Wireshark Notes
6 pages
How To Read The Wireshark TCP - HTTP Log
0% (1)
How To Read The Wireshark TCP - HTTP Log
8 pages
Scan Report: June 4, 2023
No ratings yet
Scan Report: June 4, 2023
63 pages
Packet Analysis For Beginners Lab
100% (1)
Packet Analysis For Beginners Lab
38 pages
Americasbodega
No ratings yet
Americasbodega
18 pages
AWS For Beginners - The Ultimate Guide To The Fundamentals of Aws - Autor (Steve M Burnett)
100% (1)
AWS For Beginners - The Ultimate Guide To The Fundamentals of Aws - Autor (Steve M Burnett)
62 pages
Scan Report Metaspolite
No ratings yet
Scan Report Metaspolite
37 pages
Notes Checkpoint CLI Commands
100% (1)
Notes Checkpoint CLI Commands
16 pages
TCP Attack Lab
No ratings yet
TCP Attack Lab
13 pages
Isa 2000
No ratings yet
Isa 2000
72 pages
IPSec VPN
No ratings yet
IPSec VPN
5 pages
Iptables DDoS Protection Using Netfilter/iptables
No ratings yet
Iptables DDoS Protection Using Netfilter/iptables
38 pages
Pru Uno Con Fire
No ratings yet
Pru Uno Con Fire
14 pages
Log
No ratings yet
Log
386 pages
Outline
No ratings yet
Outline
43 pages
Reporte Metaexploitabe2 Con OpenVAS
No ratings yet
Reporte Metaexploitabe2 Con OpenVAS
104 pages
Task Solution
No ratings yet
Task Solution
20 pages
Eaheart CurrentInternetThreats
No ratings yet
Eaheart CurrentInternetThreats
32 pages
Ghost
No ratings yet
Ghost
6 pages
Class 8
No ratings yet
Class 8
25 pages
Lec21 Security
No ratings yet
Lec21 Security
51 pages
E.104 131 56 232 50 247 103 121 38 142 77 171 38 142 77 172 38 106 42 13 Fzah3v
No ratings yet
E.104 131 56 232 50 247 103 121 38 142 77 171 38 142 77 172 38 106 42 13 Fzah3v
227 pages
NSS Lecture 4 - Network Attacks
No ratings yet
NSS Lecture 4 - Network Attacks
38 pages
Pass4sure 312-50v9 Dumps
0% (1)
Pass4sure 312-50v9 Dumps
6 pages
SYN Packet Generation by Scapy & SYN Flood Prevention Using Iptables PDF
No ratings yet
SYN Packet Generation by Scapy & SYN Flood Prevention Using Iptables PDF
6 pages
Vulnerabilities in TCP/IP Protocols
No ratings yet
Vulnerabilities in TCP/IP Protocols
61 pages
Netstat
No ratings yet
Netstat
14 pages
2-Cyber Attacks - Network Infrastructure Attack, OS Attack-19!07!2024
No ratings yet
2-Cyber Attacks - Network Infrastructure Attack, OS Attack-19!07!2024
44 pages
BRKSEC 3533 Snort TSHOOT
No ratings yet
BRKSEC 3533 Snort TSHOOT
181 pages
Detecting Suspicious Activity (Analyzing Different Traffics) .
No ratings yet
Detecting Suspicious Activity (Analyzing Different Traffics) .
3 pages
IDP Presentation
No ratings yet
IDP Presentation
43 pages
Wireshark
No ratings yet
Wireshark
8 pages
Nmap Packet Trace
No ratings yet
Nmap Packet Trace
19 pages
21mis0174 VL2024250103043 Ast03
No ratings yet
21mis0174 VL2024250103043 Ast03
23 pages
Static Nat Pix
No ratings yet
Static Nat Pix
15 pages
Screenshot 2022-04-26 at 9.55.11 PM
No ratings yet
Screenshot 2022-04-26 at 9.55.11 PM
111 pages
22B91A04A8 TCP SYN Flood Detection Using Wireshark
No ratings yet
22B91A04A8 TCP SYN Flood Detection Using Wireshark
9 pages
Introduction To Network Security: Guest Lecture Debabrata Dash
No ratings yet
Introduction To Network Security: Guest Lecture Debabrata Dash
47 pages
11 TCP Ip
No ratings yet
11 TCP Ip
20 pages
Netstat Ref Unix
No ratings yet
Netstat Ref Unix
4 pages
Informe Completo
No ratings yet
Informe Completo
25 pages
Network Security: Presented By: Dr. Munam Ali Shah
No ratings yet
Network Security: Presented By: Dr. Munam Ali Shah
32 pages
CS 640: Introduction To Computer Networks: Aditya Akella Lecture 25 - Network Security
No ratings yet
CS 640: Introduction To Computer Networks: Aditya Akella Lecture 25 - Network Security
39 pages
1.reporte de Vunerabilidades GreenBone
No ratings yet
1.reporte de Vunerabilidades GreenBone
9 pages
Not A Certified PCI Report: Scan Results
No ratings yet
Not A Certified PCI Report: Scan Results
12 pages
Caaaaaap
No ratings yet
Caaaaaap
5 pages
Introduction To Network Security: Guest Lecture Debabrata Dash
No ratings yet
Introduction To Network Security: Guest Lecture Debabrata Dash
47 pages
Midtest NguyenLeHoangThong
No ratings yet
Midtest NguyenLeHoangThong
8 pages
CNS Lecture2 1
No ratings yet
CNS Lecture2 1
38 pages
Vulnerabilities in TCP-IP
No ratings yet
Vulnerabilities in TCP-IP
61 pages
Windows Report
No ratings yet
Windows Report
36 pages
Taller
No ratings yet
Taller
159 pages
Report 1
No ratings yet
Report 1
33 pages
Scan Report
No ratings yet
Scan Report
35 pages
Group Work Netwwork Security and Cryptology
No ratings yet
Group Work Netwwork Security and Cryptology
9 pages
Scan of Freds
No ratings yet
Scan of Freds
39 pages
Tcpip
No ratings yet
Tcpip
26 pages
Avaya Cisco
No ratings yet
Avaya Cisco
114 pages
TCP-IP Cheat Sheet
No ratings yet
TCP-IP Cheat Sheet
2 pages
70 Series IEC 61850 Protocol Manual - RevQ - FINAL
No ratings yet
70 Series IEC 61850 Protocol Manual - RevQ - FINAL
202 pages
DLink Dir-655 Manual (Wireless N Router)
100% (5)
DLink Dir-655 Manual (Wireless N Router)
97 pages
CKA Exam - Free Questions and Answers - ITExams - Com - 2
No ratings yet
CKA Exam - Free Questions and Answers - ITExams - Com - 2
5 pages
1234
100% (1)
1234
5 pages
Panelview Plus 400 To 1500 Communications
100% (1)
Panelview Plus 400 To 1500 Communications
27 pages
Vcs Install Linux
No ratings yet
Vcs Install Linux
182 pages
Eve Cook Book 1.12 PDF
No ratings yet
Eve Cook Book 1.12 PDF
237 pages
Ericsson Lte Co Ncepts Rbs Equi Pment PDF
No ratings yet
Ericsson Lte Co Ncepts Rbs Equi Pment PDF
2 pages
Lapd Vs Lapdm (Technical)
No ratings yet
Lapd Vs Lapdm (Technical)
4 pages
Lom Log
No ratings yet
Lom Log
250 pages
Introduction To SNMP
No ratings yet
Introduction To SNMP
11 pages
Ethernet Lecture Summary
No ratings yet
Ethernet Lecture Summary
1 page
Networking&Cloud R
No ratings yet
Networking&Cloud R
76 pages
Network Design by Using Opnet™ It Guru
No ratings yet
Network Design by Using Opnet™ It Guru
7 pages
Chapter - 3&4 - Switching and IN - 2025
No ratings yet
Chapter - 3&4 - Switching and IN - 2025
41 pages
CNS Model Answers Unit 2
No ratings yet
CNS Model Answers Unit 2
38 pages
GSW 3208m2 Datasheet
No ratings yet
GSW 3208m2 Datasheet
2 pages
SMS Olsr
No ratings yet
SMS Olsr
14 pages
What Is A Digital Certificate?: Data Leaks
No ratings yet
What Is A Digital Certificate?: Data Leaks
5 pages
EN - CarrierList Brochure
No ratings yet
EN - CarrierList Brochure
9 pages
Organic Response Integral Sensor Node sn3 Datasheet PDF
No ratings yet
Organic Response Integral Sensor Node sn3 Datasheet PDF
3 pages
OT BASE Asset Discovery Installation and First Steps
No ratings yet
OT BASE Asset Discovery Installation and First Steps
8 pages
Ingenu RPMA To LPWA Comparison
No ratings yet
Ingenu RPMA To LPWA Comparison
2 pages
ACP-Cloud1 Updated Dumps - ACP Cloud Computing Certification
No ratings yet
ACP-Cloud1 Updated Dumps - ACP Cloud Computing Certification
15 pages
Amm MSC
No ratings yet
Amm MSC
6 pages
CISCO PACKET TRACER LABS: Best practice of configuring or troubleshooting Network
From Everand
CISCO PACKET TRACER LABS: Best practice of configuring or troubleshooting Network
Mulayam Singh
No ratings yet
Network with Practical Labs Configuration: Step by Step configuration of Router and Switch configuration
From Everand
Network with Practical Labs Configuration: Step by Step configuration of Router and Switch configuration
Mulayam Singh
No ratings yet
CompTIA Cloud+ Study Guide: Exam CV0-003
From Everand
CompTIA Cloud+ Study Guide: Exam CV0-003
Ben Piper
No ratings yet

Cyber Attack Report 1

Uploaded by

Cyber Attack Report 1

Uploaded by

Cybersecurity Incident Report

Date Time Attack Type Target Downtime Revenue Loss

169 13:24:44.831 Unknown Unknown TCP 1160.47 Unknown:Unknown:TCP

170 13:24:45.031 Unknown Unknown TCP 671.14 Unknown:Unknown:TCP

171 13:24:45.232 Unknown Unknown OSPF 1158.75 Unknown:Unknown:OSPF

172 13:24:45.432 Unknown Unknown TLSv1.2 192.63 Unknown:Unknown:TLSv1.2

173 13:24:45.643 Unknown Unknown SNMP 806.22 Unknown:Unknown:SNMP

174 13:24:45.843 Unknown Unknown TLSv1.2 990.43 Unknown:Unknown:TLSv1.2

175 13:24:46.044 Unknown Unknown TCP 935.04 Unknown:Unknown:TCP

176 13:24:46.244 Unknown Unknown OSPF 659.67 Unknown:Unknown:OSPF

177 13:24:46.444 Unknown Unknown TLSv1.2 952.85 Unknown:Unknown:TLSv1.2

178 13:24:46.651 Unknown Unknown SNMP 435.17 Unknown:Unknown:SNMP

179 13:24:46.851 Unknown Unknown ICMP 575.24 Unknown:Unknown:ICMP

180 13:24:47.052 Unknown Unknown ICMP 489.93 Unknown:Unknown:ICMP

181 13:24:47.252 Unknown Unknown UDP 169.35 Unknown:Unknown:UDP

182 13:24:47.453 Unknown Unknown ICMP 585.87 Unknown:Unknown:ICMP

183 13:24:47.653 Unknown Unknown SNMP 182.75 Unknown:Unknown:SNMP

184 13:24:47.869 Unknown Unknown TLSv1.2 803.95 Unknown:Unknown:TLSv1.2

186 13:24:48.271 Unknown Unknown UDP 426.73 Unknown:Unknown:UDP

187 13:24:48.472 Unknown Unknown SNMP 732.47 Unknown:Unknown:SNMP

188 13:24:48.672 Unknown Unknown ICMP 104.84 Unknown:Unknown:ICMP

189 13:24:48.883 Unknown Unknown SNMP 997.53 Unknown:Unknown:SNMP

190 13:24:49.084 Unknown Unknown SNMP 138.0 Unknown:Unknown:SNMP

191 13:24:49.286 Unknown Unknown TCP 801.17 Unknown:Unknown:TCP

192 13:24:49.486 Unknown Unknown ICMP 729.53 Unknown:Unknown:ICMP

193 13:24:49.686 Unknown Unknown ICMP 950.82 Unknown:Unknown:ICMP

194 13:24:49.892 Unknown Unknown OSPF 1150.46 Unknown:Unknown:OSPF

Detection and Response Metrics

Metric Time (Seconds)

Mean Time to Detect (MTTD) 21

Mean Time to Respond (MTTR) 4

1. EWMA (Exponentially Weighted Moving Average)

2. SVM (Support Vector Machine)

Response and Mitigation

Mitigation Action Description Outcome

IP Blocking = Blocked malicious IPs Attack reduced by 100%

Machine Learning Training Stricter filtering Better Classification

You might also like