<a href="https://colab.research.google.com/github/MachkuriRajesh2/Development-Of-Interactive-Cyber-Threat-Visualisation-Dashboard/blob/main/sql_1.ipynb" target="_parent"><img src="https://colab.research.google.com/assets/colab-badge.svg" alt="Open In Colab"/></a>

*TITLE:* Interactive Visualization of Network Attacks for Cyber Threat Analysis                                                                              

*INTRODUCTION:* Cybersecurity has become a critical concern for organizations, governments, and individuals worldwide. With increasing dependence on cloud computing, IoT devices, and online services, cyber attackers are using more intelligent and automated techniques to breach systems. Conventional security approaches such as signature-based intrusion detection systems (IDS) fail to adapt to new and unknown threats.                                                                                                                                                    


*PROMPT USED FOR DATASET CREATION:* Open Source A

In [53]:
import sqlite3
import pandas as pd

In [54]:

# Load the dataset into a pandas DataFrame
df = pd.read_csv('/content/10_years_network_attack_dataset.csv')

In [55]:
# Extract year from timestamp and add it as a new column
df['year'] = pd.to_datetime(df['timestamp']).dt.year
df['month'] = pd.to_datetime(df['timestamp']).dt.month

In [56]:

# SQLite Database Integration
conn = sqlite3.connect("cyber_threats.db")
df.to_sql("cyber_attacks", conn, if_exists="replace", index=False)

3650

In [57]:

query1 = """
SELECT year, COUNT(*)
FROM cyber_attacks
WHERE severity = 'Critical'
GROUP BY year;
"""
critical_attacks = pd.read_sql(query1, conn)
print(critical_attacks)

   year  COUNT(*)
0  2016        34
1  2017        31
2  2018        26
3  2019        47
4  2020        35
5  2021        39
6  2022        39
7  2023        34
8  2024        33
9  2025        30


In [58]:


query2 = """
SELECT attack_type, COUNT(*) AS total
FROM cyber_attacks
GROUP BY attack_type
ORDER BY total DESC;
"""
print(pd.read_sql(query2, conn))

     attack_type  total
0         Benign   1621
1       Phishing    551
2           DDoS    424
3        Malware    419
4     Ransomware    290
5  SQL Injection    174
6    Brute Force    171


In [59]:

query3 = """
SELECT *
FROM cyber_attacks
LIMIT 10;
"""
print(pd.read_sql(query3, conn))

   event_id   timestamp        source_ip destination_ip protocol  \
0         1  2016-01-01  192.168.175.197     10.0.21.63      TCP   
1         2  2016-01-02   192.168.25.247   10.0.220.226      UDP   
2         3  2016-01-03   192.168.67.212    10.0.154.40     ICMP   
3         4  2016-01-04  192.168.151.104    10.0.77.104      UDP   
4         5  2016-01-05   192.168.92.186    10.0.71.223      UDP   
5         6  2016-01-06   192.168.142.24   10.0.230.112      UDP   
6         7  2016-01-07    192.168.72.90    10.0.15.162      TCP   
7         8  2016-01-08   192.168.110.43    10.0.227.38      TCP   
8         9  2016-01-09  192.168.218.137    10.0.93.129      TCP   
9        10  2016-01-10  192.168.167.231    10.0.66.185      TCP   

     attack_type  severity  packet_size  anomaly_score  year  month  
0         Benign       Low           89          0.096  2016      1  
1         Benign      High          892          0.198  2016      1  
2           DDoS    Medium          833  

In [60]:

query4 = """
SELECT COUNT(*) AS total_events
FROM cyber_attacks;
"""
print(pd.read_sql(query4, conn))

   total_events
0          3650


In [61]:

query5 = """
SELECT DISTINCT attack_type
FROM cyber_attacks;
"""
print(pd.read_sql(query5, conn))

     attack_type
0         Benign
1           DDoS
2        Malware
3  SQL Injection
4     Ransomware
5    Brute Force
6       Phishing


In [62]:



query6 = """
SELECT attack_type, COUNT(*) AS total
FROM cyber_attacks
WHERE year = 2022
GROUP BY attack_type;
"""
print(pd.read_sql(query6, conn))



query7 = """
SELECT year, COUNT(*) AS total_events
FROM cyber_attacks
WHERE year BETWEEN 2019 AND 2023
GROUP BY year;
"""
print(pd.read_sql(query7, conn))


     attack_type  total
0         Benign    157
1    Brute Force     15
2           DDoS     48
3        Malware     40
4       Phishing     63
5     Ransomware     24
6  SQL Injection     18
   year  total_events
0  2019           365
1  2020           366
2  2021           365
3  2022           365
4  2023           365


In [63]:


query8 = """
SELECT attack_type, AVG(anomaly_score)
FROM cyber_attacks
GROUP BY attack_type;
"""
print(pd.read_sql(query8, conn))





print("Cyber Threat Analysis Completed Successfully")

     attack_type  AVG(anomaly_score)
0         Benign            0.498374
1    Brute Force            0.494129
2           DDoS            0.498042
3        Malware            0.484921
4       Phishing            0.508648
5     Ransomware            0.499472
6  SQL Injection            0.494529
Cyber Threat Analysis Completed Successfully
