A Comparative Approach on Network Tools for Analysing Suspicious Behaviour in Network Streaming Data
Abstract
Cyber threats and intelligence face massive challenges in the present world. Computers connected to a network are routinely compromised by cyber-attacks carried out over that network, leading to financial damage, loss of important data and public disclosure of secrets. Even though cyber intelligence plays a vital role in combatting network attacks, AI-powered malware and its behaviour are very difficult to analyse. Malicious network data readily bypass the security systems installed on a computer and compromise the entire system within a short time span, so cyber professionals need automated tools for analysing and detecting suspicious behaviour in the network. In this paper, we study the various existing cyber analytics tools used for detecting suspicious network activity in streaming network data and compare the efficiency of these tools using a set of key performance indicators, by artificially generating real-time attacks in live monitoring mode. The results obtained in this study are combined with a cyber intelligence platform for visualising the suspicious activities. This is a real research challenge; to address it, the obtained results are used as real-time case studies. Based on these case studies, we suggest modifications that need to be carried out in large network operation centres, discuss the workflow of such centres, and identify the changes required in those workflows.