Performance Evaluation of HTTP, DHCP and DNS Protocols of Data Packets for Vulnerabilities Using the Isolation Forest Algorithm

Abstract

In the contemporary digital landscape, network security is paramount to safeguard data integrity and prevent unauthorized access as data have been structured in the network through protocols. In term of data structure IPv6 protocol has extended data size due to the robust addresses of 128 bits as compare to 32 bits of IPv4. Due to the improved security data structure of IPv6, the study focuses on identifying vulnerabilities in HTTP, DHCP, and DNS packets using the Isolation Forest algorithm approach, a machine-learning technique designed for anomaly detection. By analyzing packet lengths, size, payload and addressing, the study visualizes normal and anomalous behavior, providing insights into potential security threats in IPv4 network structure. The results highlight the effectiveness of Goodput, Quality of service and risk as essential factors in the network, using Little's theorem analysis and the Isolation Forest in detecting anomalies across these different network protocols, offering valuable implications for network security structures, due to IoT in recent networks. The time response determination in this paper explained details information on the time the treats entered the network, the duration of the vulnerabilities within the network, leading to a certain threshold, and traffic delay factors due to deviation of packet length and other social engineering activities. Sensitive multipurpose security devices are involved; MikroTik routers were configured and installed in the network under evaluation. Which the normal DPI technique was unable to effectively and efficiently addressed. ADPI principles and operations where the needed security measures adopted to detect those vulnerabilities which were eventually addressed and have contributed to recent measures of network security.