- Real-time network traffic monitoring
- Feature extraction for analysis of network packets (placeholder implementation provided)
- Machine learning model for MITM attack detection (placeholder training data used)
- Confidence threshold for triggering alerts
- Python 3.x (https://www.python.org/downloads/)
- Install the required libraries using the following command:

      pip install -r requirements.txt
- Click the "Start Detection" button to initiate real-time network traffic monitoring.
- The application will begin capturing network packets (specifically ARP packets) and analyzing them using the machine learning model.
- If the model's confidence in detecting a potential MITM attack exceeds the pre-defined threshold (0.9 by default), an alert message will be displayed in the log text box, providing details about the suspicious packet.
- The current implementation uses placeholder functions for feature extraction and model training. You'll need to replace these with your own logic and training data for effective MITM detection.
- Adjust the confidence threshold (alert_threshold) in the source code to suit your desired level of sensitivity. Lower thresholds may generate more alerts, while higher thresholds might miss some attacks.
- This is a basic framework for a MITM detection tool and is still in development. Further development is planned to make attack detection robust and accurate enough for production environments.
- feature engineering techniques to extract meaningful information from network packets.
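
One way the placeholder feature extraction could be filled in for ARP traffic, as an added example that is not this project's own code: it parses the raw ARP body and returns a per-packet vector that a model could score against the alert threshold. The function names, feature names and sample addresses are assumptions constructed for illustration.

```python
import socket
import struct
from collections import defaultdict

ARP_REQUEST, ARP_REPLY = 1, 2
FEATURES = ("is_reply", "gratuitous", "unsolicited_reply", "binding_changed", "distinct_macs")

def parse_arp(payload: bytes) -> tuple:
    """Parse an Ethernet/IPv4 ARP body (the 28 bytes after the Ethernet header)."""
    if len(payload) < 28:
        raise ValueError("truncated ARP payload")
    htype, ptype, hlen, plen, op, sha, spa, _tha, tpa = struct.unpack("!HHBBH6s4s6s4s", payload[:28])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        raise ValueError("not Ethernet/IPv4 ARP")
    return op, sha.hex(":"), socket.inet_ntoa(spa), socket.inet_ntoa(tpa)

class ArpFeatureExtractor:
    """Keeps IP-to-MAC history so each packet is described relative to earlier traffic."""
    def __init__(self):
        self.last_mac = {}                 # ip -> MAC that last claimed it
        self.macs_seen = defaultdict(set)  # ip -> every MAC that has claimed it
        self.pending = set()               # IPs requested, reply not yet seen

    def extract(self, payload: bytes) -> list:
        op, mac, ip, target_ip = parse_arp(payload)
        is_reply, gratuitous = op == ARP_REPLY, ip == target_ip
        if op == ARP_REQUEST and not gratuitous:
            self.pending.add(target_ip)
        unsolicited = is_reply and ip not in self.pending
        if is_reply:
            self.pending.discard(ip)
        changed = ip in self.last_mac and self.last_mac[ip] != mac
        self.last_mac[ip] = mac
        self.macs_seen[ip].add(mac)
        return [int(is_reply), int(gratuitous), int(unsolicited), int(changed), len(self.macs_seen[ip])]

def make_arp(op, src_mac, src_ip, dst_mac, dst_ip) -> bytes:  # builds constructed samples
    mac = lambda m: bytes.fromhex(m.replace(":", ""))
    return struct.pack("!HHBBH6s4s6s4s", 1, 0x0800, 6, 4, op, mac(src_mac),
                       socket.inet_aton(src_ip), mac(dst_mac), socket.inet_aton(dst_ip))

def demo() -> list:
    # Constructed traffic: normal request/reply, then another MAC claims the gateway IP unasked.
    host, gw, other = "02:00:00:00:00:10", "02:00:00:00:00:01", "02:00:00:00:00:66"
    fx = ArpFeatureExtractor()
    return [fx.extract(make_arp(*a)) for a in (
        (ARP_REQUEST, host, "192.0.2.10", "00:00:00:00:00:00", "192.0.2.1"),
        (ARP_REPLY, gw, "192.0.2.1", host, "192.0.2.10"),
        (ARP_REPLY, other, "192.0.2.1", host, "192.0.2.10"))]
```

The third vector is the one a trained model should weight heavily: an unrequested reply that rebinds an IP already associated with a different MAC.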