Abstract: In the current era of cyber warfare and security threats, where a nation's strength is measured largely by the growth of its technical capability, it is crucial to constantly monitor and analyze ongoing threats and day-to-day malicious activity. The Cyber Threat Intelligence Analysis project will deal with:
1. Real-time extraction of raw threat intelligence data, such as malicious IP addresses and the latest information on botnets, malware, spam IPs and phishing attacks across the world, from multiple reliable sources and threat feeds across the Internet and from the honeypot sources of the IIT Kanpur honeypot network.
2. The project further aims to build a statistical dashboard and a web API service for this data. This includes providing real-time updates of multiple statistical visualizations such as threat intelligence pie charts, GeoIP maps, country-wise comparisons, date-time analysis and other data aggregation techniques.
3. The final task accomplished in this project is to detect whether a URL is malicious or benign by applying machine learning classification algorithms to a corpus of URL text. The accuracy of multiple machine learning classification algorithms is analyzed and the best one is chosen.