Real-Time Network Monitoring: Integrating Machine Learning and Custom Packet Sniffer Using Python
- Title
- Real-Time Network Monitoring: Integrating Machine Learning and Custom Packet Sniffer Using Python
- Creator
- Jomon, Ashvin Antony; Poonia, Ramesh Chandra
- Description
- The growth in network traffic and the increasing complexity of cyber threats necessitate robust systems for detecting anomalies that indicate security breaches. This research presents a methodology for finding anomalies in packets sent when the connection is established. It uses a machine learning model and a packet sniffer. It captures Transmission Control Protocol (TCP), User Datagram Protocol (UDP), IPv4, and Internet Control Message Protocol (ICMP) segments to predict if any anomalies are present (Sanders in Practical packet analysis: using wireshark to solve real-world network problems, No Starch Press, San Francisco, 2017). An unsupervised learning model is utilized in the presence of unlabeled data to enhance real-time prediction using an isolation forest model. The data collected by the packet sniffer undergoes preprocessing to avoid null values and encode addresses, and an isolation forest is then used to predict whether anomalies are present using binary trees. The performance is evaluated on the basis of metrics like accuracy, precision, and F1-score (Goutte and Gaussier in European conference on information retrieval, Springer, New York, 2005). The results illustrate that the model is accurate in predicting whether anomalies are present. Future work is focused on enhancing the model's capabilities with more protocols and an active defense mechanism. The study addresses real-world deployment challenges, especially in heterogeneous environments like IoT-based networks. While the isolation forest achieves high accuracy, future research could explore hybrid approaches combining traditional statistical methods with deep learning techniques for enhanced industry applications (Ahmed et al. in J Netw Comput Appl 60:19-31, 2016). © The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd. 2026.
- Source
- Lecture Notes in Networks and Systems; Volume 1579 LNNS; pp. 1-15
- Date
- 01-01-2026
- Publisher
- Springer Science and Business Media Deutschland GmbH
- Subject
- Isolation forest classification; Machine learning; Network anomaly detection; Packet sniffer; Real-time processing; Unsupervised learning
- Coverage
- Jomon A.A., Christ (Deemed to Be University), Delhi NCR, Uttar Pradesh, Ghaziabad, India; Poonia R.C., Christ (Deemed to Be University), Delhi NCR, Uttar Pradesh, Ghaziabad, India
- Rights
- Restricted Access; Hardcopy may be available in the library
- Relation
- ISSN: 23673370; ISBN: 978-981950625-5;
- Format
- online
- Language
- English
- Type
- Conference paper
Citation
Jomon, Ashvin Antony; Poonia, Ramesh Chandra, “Real-Time Network Monitoring: Integrating Machine Learning and Custom Packet Sniffer Using Python,” CHRIST (Deemed To Be University) Institutional Repository, accessed June 18, 2026, https://archives.christuniversity.in/items/show/25421.
