Project 03 · Cybersecurity · Network Analysis

Network Traffic Analysis & Threat Detection

Deep packet inspection using Wireshark across TCP/IP, DNS, HTTP, and ICMP protocols. Identified port scanning signatures, unencrypted credential transmission, and suspicious ARP behaviour — mapping findings to the OWASP Top 10 framework. Underpins active CompTIA Security+ preparation and cloud threat modelling skills.

OWASP

Framework

L3–7

OSI coverage

DPI

Packet analysis

Overview

A hands-on network security analysis project built around Wireshark, focused on identifying real attack signatures and insecure traffic patterns across the OSI stack — directly supporting CompTIA Security+ preparation and cloud threat-modelling work.

What was analysed

Deep packet inspection across TCP/IP, DNS, HTTP, and ICMP traffic
Identification of port scanning signatures (e.g. sequential SYN packets across port ranges)
Detection of unencrypted credential transmission in plaintext HTTP traffic
Suspicious ARP behaviour consistent with ARP spoofing / man-in-the-middle activity
Mapped each finding to the relevant category in the OWASP Top 10 framework

Why it's relevant

This project is the practical counterpart to the dissertation's ML-based detection work — instead of classifying content (emails), it's about classifying behaviour at the network level. Together, they cover both the application-layer and network-layer sides of threat detection.

WiresharkOWASPTCP/IPThreat Detection

View Repository ↗ ← All Projects