Enhanced Alert Generation System with Attacker IP for DoS Attacks

R. Tamilkodi, P. S. Rani, 3 Authors, T. R. Teja

2024 · DOI: 10.1109/ICACRS62842.2024.10841575
0 Citations

TLDR

An improved DoS detection system that uses Pyshark for in-depth packet analysis to keep track of network traffic in real time, observes the attacker's IP address, and dynamically modifies its thresholds in response to traffic patterns.

Abstract

Denial-of-service (DoS) attacks carry a significant risk to network security, as they can cause major disruptions and financial losses by flooding a network with excessive data. Different approaches can be used to carry out these attacks, from basic flooding to more complex, distributed methods, and they can target multiple network layers, taking advantage of vulnerabilities to maximize damage. Complex attacks may be difficult for standard detection techniques, which depend on fixed limits, to identify, since attackers frequently alter how they overcome fixed defences. Additionally, these techniques may produce false positives, which result in useless alerts and resource usage. To overcome these obstacles, we have created an improved DoS detection system that uses Pyshark for in-depth packet analysis to keep track of network traffic in real time. To provide essential data for an immediate reaction, the system observes the attacker's IP address and dynamically modifies its thresholds in response to traffic patterns. When a threat is detected, real-time notifications containing the attacker's IP address and packet count are sent via email, allowing for immediate reaction. This method strengthens network security by providing a more effective and rapid protective response to denial-of-service (DoS) attacks.
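The following sketch illustrates the per-source counting and traffic-following threshold the abstract describes; it is an added example, not the paper's code. The class and function names, the threshold rule (mean plus `k` times the spread of recent clean windows) and the sample packets are assumptions, and in a live deployment each `(timestamp, source IP)` pair would come from a Pyshark capture.

```python
from collections import Counter, deque
from statistics import mean, pstdev

class AdaptiveDosDetector:
    """Counts packets per source IP per time window; the limit follows recent traffic."""

    def __init__(self, window=1.0, history=30, warmup=5, k=3.0, initial=200):
        self.window, self.warmup, self.k, self.initial = window, warmup, k, initial
        self.baseline = deque(maxlen=history)  # busiest-source count of recent clean windows
        self.counts, self.start = Counter(), None

    def threshold(self):
        if len(self.baseline) < self.warmup:
            return float(self.initial)  # fixed limit until a baseline exists
        m = mean(self.baseline)
        # Assumed rule: mean + k * spread, with the spread never below 10% of the mean.
        return m + self.k * max(pstdev(self.baseline), 0.1 * m)

    def _close_window(self):
        limit = self.threshold()
        # Each alert carries the window start, the offending source IP and its packet count.
        alerts = [(self.start, ip, n) for ip, n in self.counts.items() if n > limit]
        if not alerts:
            # Learn only from clean windows so a flood cannot raise its own limit.
            self.baseline.append(max(self.counts.values(), default=0))
        self.counts.clear()
        return alerts

    def feed(self, ts, src_ip):
        """Add one packet; returns alerts for any windows that just closed."""
        alerts = []
        if self.start is None:
            self.start = ts
        while ts >= self.start + self.window:
            alerts += self._close_window()
            self.start += self.window
        self.counts[src_ip] += 1
        return alerts

    def flush(self):
        return self._close_window() if self.counts else []

def sample_traffic():
    """Constructed capture: normal traffic for seconds 0-10, plus a 150-packet burst in second 10."""
    hosts = {"192.0.2.10": 20, "192.0.2.11": 5, "198.51.100.7": 6}
    pkts = [(s + j / 100, ip) for s in range(11) for ip, n in hosts.items()
            for j in range(n + (s % 3 if n == 20 else 0))]
    pkts += [(10 + j / 1000, "203.0.113.9") for j in range(150)]
    return sorted(pkts)

def run(packets, **kwargs):
    det = AdaptiveDosDetector(**kwargs)
    alerts = [a for ts, ip in packets for a in det.feed(ts, ip)]
    return alerts + det.flush(), det
```

The 150-packet burst stays under the fixed starting limit of 200 but exceeds the learned limit of roughly 27 packets per second. Because only clean windows feed the baseline, a single flood cannot lift the limit, but a slow ramp that stays under it in every window still can.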