This work shows that computer attacks continue to grow steadily, alongside the large number of vulnerability detection and protection tools that exist. Leaving a computer system unprotected therefore gives intruders easy access, putting the confidentiality, integrity and availability of information at risk and increasing the cost of corrective maintenance on damaged devices. Studying the traffic flow of a network with the Wireshark tool revealed instances of malware attacks, which prompted the development of a proposed malware detection system for the network. To obtain the dataset, all network statistics were forwarded to a host connected to a port mirror. These statistics were then captured using the NetFlow protocol, to allow better management of the entire captured traffic flow. Isolation Forest shows an excellent probability of 92%, and the model can distinguish between non-anomalous data and malware data, which is superior to the support vector machine (SVM).
Pawar et al. studied this question.
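The detection step the abstract describes, as an added example that is not the paper's code or model: a from-scratch Isolation Forest that scores NetFlow-style flow records, where short average isolation paths mean a high anomaly score. The four features, the constructed sample flows and all function names are assumptions made for illustration.

```python
import math
import random

def c(n):
    """Average path length of an unsuccessful BST search over n points (normaliser)."""
    if n <= 1:
        return 0.0
    if n == 2:
        return 1.0
    return 2.0 * (math.log(n - 1) + 0.5772156649) - 2.0 * (n - 1) / n

def build(rows, depth, limit, rng):
    """Grow one isolation tree; a leaf is the int count of rows that reached it."""
    dims = range(len(rows[0])) if len(rows) > 1 else []
    varying = [f for f in dims if len({r[f] for r in rows}) > 1]
    if depth >= limit or not varying:
        return len(rows)
    f = rng.choice(varying)                      # random feature that still varies
    vals = [r[f] for r in rows]
    split = rng.uniform(min(vals), max(vals))    # random cut inside its range
    left = [r for r in rows if r[f] < split]
    right = [r for r in rows if r[f] >= split]
    return (f, split, build(left, depth + 1, limit, rng), build(right, depth + 1, limit, rng))

def fit(rows, trees=100, seed=7):
    rng = random.Random(seed)
    n = min(256, len(rows))                      # subsample size per tree
    limit = math.ceil(math.log2(n))              # depth cap: anomalies isolate early
    return [build(rng.sample(rows, n), 0, limit, rng) for _ in range(trees)], n

def path_len(x, node, depth=0):
    if isinstance(node, int):                    # leaf: add estimate for unsplit rows
        return depth + c(node)
    f, split, left, right = node
    return path_len(x, left if x[f] < split else right, depth + 1)

def score(x, forest):
    """Anomaly score in (0, 1]; around 0.5 is ordinary, near 1 is easily isolated."""
    trees, n = forest
    mean = sum(path_len(x, t) for t in trees) / len(trees)
    return 2.0 ** (-mean / c(n))

def sample_flows(seed=1):
    """Constructed flows: (duration_s, packets, bytes, distinct_dst_ports)."""
    rng = random.Random(seed)
    normal = [(rng.uniform(0.5, 30.0), rng.randint(10, 200),
               rng.randint(2_000, 150_000), rng.randint(1, 3)) for _ in range(200)]
    odd = [(0.01, 2_000, 120_000, 900), (3600.0, 90_000, 80_000_000, 1)]  # rows 200, 201
    return normal + odd

def top_anomalies(rows, k=2):
    forest = fit(rows)
    return sorted(range(len(rows)), key=lambda i: score(rows[i], forest), reverse=True)[:k]
```

The score depends only on how each feature orders the records, so raw byte and packet counts need no scaling before training.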