Paper Key : IRJ************989
Author: A Indu, K.g.mohanavalli, D.kumar, D.balaji, K.aswini, B.abhinayajyothi
Date Published: 05 Apr 2025
Abstract
The rise of random cyberattacks presents a major danger to online security. Timely identification of malware scanning efforts, which are often signs of larger threats, is essential yet difficult due to the overwhelming benign traffic on networks. Darknets, which consist of unassigned IP address ranges, provide a better signal-to-noise ratio for tracking such hostile scanning behavior. Nonetheless, the massive volume and diversity of darknet traffic, which includes harmless scans and misconfigured settings, require advanced analytical methods. This study presents Dark-TRACER, a cohesive framework aimed at the early identification of malware activities by detecting unusual spatial and temporal patterns within darknet traffic. Dark-TRACER integrates and systematizes three separate machine learning detection techniques: Dark-GLASSO (Graphical Lasso), Dark-NMF (Non-negative Matrix Factorization), and Dark-NTD (Non-negative Tucker Decomposition), utilizing their unique advantages. By concentrating on the synchronization and coordination found in malware scanning operations, the framework seeks to differentiate harmful actions from background noise in near real time. Initial assessments indicate that this combined strategy provides better detection capability than any single method alone, effectively recognizing a range of malware activities while establishing a basis for future improvements in minimizing false positives and automating the threat assessment process.