CHAPTER 1

INTRODUCTION

1.1 Overview of project

1.2 Background

1.3 Motivation

1.4 Problem Statement

1.5 Advantages

1.6 Disadvantages

1.7 Limitations
1.1 OVERVIEW OF PROJECT

A network security monitoring system (NSMS) is a set of tools and processes

designed to detect, analyse, and respond to security threats in a computer network.
The main goal of an NSMS is to improve network security by providing continuous
monitoring of network activity and detecting any suspicious or unauthorized activity.

Businesses rely on networks for all operations. Hence, network monitoring is very
crucial for any business. Today, networks span globally, having multiple links
established between geographically separated data centres, public and private clouds.
This creates multifield challenges in network management. Network admins need to
be more proactive and agile in monitoring network performance.

Overall, an NSMS is an essential component of a comprehensive cyber security

strategy, enabling organizations to proactively monitor.

1.2 BACKGROUND

• Freemium Version
• Monitor your devices and interfaces using your free network monitoring
system.
• Full-stack Monitoring
• Full-fledged Server Monitoring with more than 60 performance metrics for
your physical, virtual, and cloud servers
• Abuse of account privileges.
• From honest mistakes to misuse of account privileges and intentional leaks, to
identity theft, or any other engineering attack to compromise the security of
user account data; individuals inside your premises are among your major
security problems.
• Insufficient IT security management
• Even with the most reliable cyber-security solutions, most organizations may
still face threats since they lack enough skilled workforce to manage the
resources well. As a result, you may miss crucial security alerts, and any
successful attack may not be countered early enough to minimize the damage.
1.3 MOTIVATION

The seamless operation of the Internet requires being able to monitor and to visualize
the actual behaviour of the network. Today, IP network operators usually collect
network flow statistics from critical points of their network infrastructure. Whereas
network problems or attacks that significantly change traffic patterns are relatively
easy to identify, it tends to be much more challenging to identify creeping changes or
attacks and faults that manifest themselves only by very careful analysis of initially
seemingly unrelated traffic patterns and their changes. There are currently no
deployable good network visualization solutions supporting this kind of network
analysis, and research in this area is just starting. In addition, the large volume of flow
data on high-capacity networks and exchange points requires moving to probabilistic
sampling techniques, which require new analysis techniques to calculate and also to
visualize the uncertainty attached to data sets

1.4 PROBLEM STATEMENT

1.REAL TIME MONITORING: -

 Employers to observe employees' computer activities.

 Device owners to track possible unauthorized activity on their devices.

2.USER MANAGEMENT: -

 User management describes the ability for administrators to manage devices,

systems, applications, storage systems, networks and user access to other various
IT resources

3. KEY LOGGER: -

 Key loggers also known as keystroke loggers, may be defined as the recording of
the key pressed on a system and saved it to a file, and the that file is accessed by
the person using this malware.

4. ABUSE OF USER ACCOUNT PRIVILEGES:

 According to data cited by the Harvard Business Review, for the year of 2016,
“60% of all attacks were carried out by insiders.” Whether it’s because of honest
mistakes (accidentally sending info to the wrong email address or losing a work
device), intentional leaks and misuse of account privileges

5. IRRELEVANT SEARCHES:

 Students in college or a person at work may not be allowed to use social medias in
their pc, with the help of our key logger feature they will be monitored with every
search.

6. VISITING UNNECESARRY WEBSITES

 Our system can block certain websites that cannot be accessed by the user, which
will keep them indulge their work.

1.5 ADVANTAGES

 Builds trust
 Mitigates risk
 Protects proprietary information
 Enables a more modern workplace

1.6 DISADVANTAGES

 Limited to a small network

 Time consuming
 Incompetent administration
 Need an efficient handler
 Web app is slower in speed

1.7 LIMITATION

 Only 5 computers can join a network.

 Availability
 Internet dependency