A Multi-Functional Web Tool for Comprehensive Threat Detection Through IP Address Analysis
Cebajel Tanan, Sameer G. Kulkarni, Tamal Das, Manjesh K. Hanawal

TL;DR
This paper presents a comprehensive, open-source web tool for detailed IP address analysis, integrating multiple detection features and a confidence scoring system to enhance cyber threat intelligence capabilities.
Contribution
It introduces a novel multi-functional IP analysis web tool that combines various detection methods, a confidence scoring system, and local caching for improved performance.
Findings
Provides geolocation, VPN, proxy, bot, Tor detection, and port scan features.
Includes domain statistics with name server and registrar info.
Employs a confidence score based on multiple online sources.
Abstract
In recent years, the advances in digitalisation have also adversely contributed to the significant rise in cybercrimes. Hence, building the threat intelligence to shield against rising cybercrimes has become a fundamental requisite. Internet Protocol (IP) addresses play a crucial role in the threat intelligence and prevention of cyber crimes. However, we have noticed the lack of one-stop, free, and open-source tools that can analyse IP addresses. Hence, this work introduces a comprehensive web tool for advanced IP address characterisation. Our tool offers a wide range of features, including geolocation, blocklist check, VPN detection, proxy detection, bot detection, Tor detection, port scan, and accurate domain statistics that include the details about the name servers and registrar information. In addition, our tool calculates a confidence score based on a weighted sum of publicly…
Taxonomy
Topics: Network Security and Intrusion Detection · Advanced Malware Detection Techniques · Anomaly Detection Techniques and Applications
