PATS2
You are not logged in
Time stamp: 02:33:37-3/12/2024

[Login]

Creating a ML model based on Network Activity to detect Attacks from malicious web server


Balqees Al-Ajmi

14/05/2021

Supervised by Amir Javed; Moderated by Martin J Chorley

In this project will be carried out in three stages. Stage 1 Path 1 1. Collect data from an online social network around a popular topic. 2. Identify those URL that are pointing to malicious web servers by checking them against Virus Total , send request via Virus Total API Path 2 1. Look at publicly available source of URL's classified as malicious [pointing to malicious web servers], such as Phistank etc. Stage 2 1. Using VirtualBox create a sandboxed environment 2. In the sandboxed environment have atleast 2 VM running different Win OS 3. Open the each identified URL's in stage 1 in atleast one of the VM 4. record network activity as VM interacts with web server for a period of 1 min. [time for observation can be changed] 5. reboot the VM to clean state 6. repeat from 3 Stage 3 Using the network activity data 1. Preprocess the data 2. Build machine learning model [atleast 2 to compare] that can detect malicious URL's based on network activity.


Initial Plan (08/02/2021) [Zip Archive]

Final Report (14/05/2021) [Zip Archive]

Publication Form