International Journal of Emerging Technology and Advanced Engineering (IJETAE)
Detection and remediation of security incidents is an increasingly important task for system administrators. Specifically, system administrators typically have to base their actions on observing the local traffic to and from their own networks, as well as on global security incident alerts from organizations and from software and hardware vendors. However, stealthy targeted attacks may slip below detection thresholds both in the local data alone and on the global scale. The approach uses Cisco Packet Tracer, a commonly available non-intrusive data source, analyzes communication to/from the group, and alerts the group members when suspicious activity is detected.