Threat Scope: A User-Centric Real-Time Network Threat Detection and Explanation Platform
Keywords: Intrusion Detection System, Network Security, Threat Detection, Visual Analytics, Explainable Security, Alert Fatigue, JavaFX, Pcap4J, Risk Scoring, DDoS Detection, Port Scan Detection.
In the evolving landscape of cybersecurity, the increasing frequency and sophistication of network-based attacks demand intelligent and user-accessible threat detection solutions. Existing Host-Based Intrusion Detection Systems (HIDS), such as Snort and OSSEC, produce highly technical outputs that are inaccessible to non-expert users and frequently overwhelm security analysts with redundant alerts — a phenomenon known as alert fatigue. This paper presents ThreatScope, a user-centric, real-time network threat detection and explanation platform implemented in Java 8 with a JavaFX graphical interface. ThreatScope introduces a novel "Explain-Before-Alert" philosophy, wherein every detected threat is accompanied by a structured, plain-English explanation synthesized by a dedicated Explanation Engine. The system employs a four-layer architecture: (1) a Packet Capture layer leveraging the Pcap4J library for raw IPv4 packet acquisition, (2) a multi-engine Detection layer comprising a DDoS Detector, Port Scan Detector, and Pattern Detector operating in parallel, (3) a Risk and Classification Engine implementing a formulaic risk scoring model bounded by IP reputation classification, and (4) a Visual Analytics Dashboard providing real-time traffic visualization through live line charts, protocol distribution pie charts, and a top-talkers ranking panel. Experimental evaluation on simulated attack scenarios demonstrates detection rates of 84–100% across seven attack vectors with near-zero false-positive rates and a 96.7% reduction in duplicate alert noise through the Alert Suppression mechanism. A comparative analysis establishes ThreatScope as the only evaluated open-source tool that simultaneously provides automated detection, explainability, visual analytics, and non-expert accessibility in a standalone platform.
Registration ID: IJVRA_701769 Published ID: IJVRA2603362
"Threat Scope: A User-Centric Real-Time Network Threat Detection and Explanation Platform", IJVRA - International Journal of Versatile Research and Analysis (www.IJVRA.org), ISSN: 2984-8903, Vol. 4, Issue 3, page no. 740-750, March 2026. Available: https://ijpub.org/ijvra/papers/IJVRA2603362.pdf
Research Area: Other area not in list
Country: Coimbatore, Tamilnadu, India
Publisher: IJVRA (IJ Publication) Janvi Wave
© 2026 - Authors hold the copyright of this article. This work is licensed under a Creative Commons Attribution 4.0 International License and The Open Definition.