Wireless networks are the primary gateways for modern digital communication, yet they remain susceptible to critical vulnerabilities due to weak encryption, exposed ports, and the lack of integrated monitoring. Existing security tools are often fragmented and command-line driven, creating a significant "expert-gap" that leaves administrators unable to visualize their risk posture effectively. To address these challenges, this project introduces an Integrated Wi-Fi Network Packet-Port Vulnerability and Security Analyzer. Developed using a Python-Flask framework, the system implements a synchronized, multi-layered diagnostic pipeline protected by a secure User Authentication and Login module. The backend utilizes Scapy for real-time ARP integrity monitoring and Nmap for granular service discovery. A key innovation is the Heuristic Rule-Based Audit engine, which cross-references discovered services against global CVE databases via RESTful APIs to provide live threat intelligence. To ensure proactive defense, the system features an Automated Email Alerting mechanism that triggers a critical notification to the administrator whenever the Network Health Score falls below a 50% threshold.
The final implementation features a high-fidelity web dashboard that synthesizes complex telemetry into a quantifiable health score based on CVSS principles. By automating Security Audit Reports and providing structured Remediation Roadmaps, the project transforms raw network data into actionable security intelligence. This unified platform offers a proactive, scalable solution for enhancing wireless integrity in both residential and enterprise environments.
Introduction
The project proposes an AI-driven network security analyzer designed to address growing vulnerabilities in wireless networks, especially in home and public environments where security is often weak. Traditional tools are complex, fragmented, and require expert knowledge, creating an “expert gap” that limits accessibility for general users.
To overcome these issues, the system introduces a unified security framework that integrates multiple layers of network analysis—physical, link, and transport—into a single, user-friendly platform. It combines tools like packet sniffing and port scanning with real-time threat intelligence from global databases (e.g., CVE, NVD) to evaluate vulnerabilities and generate a “Network Health Score.”
A key innovation is the heuristic risk engine, which calculates the health score by deducting points based on the severity of detected threats. If the score falls below a critical threshold (50%), the system triggers automated email alerts, enabling proactive incident response. The framework also includes features like deep packet inspection, ARP monitoring for attack detection, and VPN integration for immediate mitigation.
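One way the deduction-based scoring and the 50% alert described above could be implemented, as an added example rather than the project's own code: the penalty weights, function names, placeholder CVE ids and sample telemetry are assumptions, and the (ip, mac) pairs stand in for ARP replies a sniffer such as Scapy would report.

```python
from email.message import EmailMessage

ALERT_THRESHOLD = 50  # the page's critical threshold (50%)
# Assumed deduction weights; the page does not publish its own values.
ENCRYPTION_PENALTY = {"OPEN": 40, "WEP": 35, "WPA": 20, "WPA2": 5, "WPA3": 0}
ARP_CONFLICT_PENALTY = 25

def cvss_penalty(base):
    """Deduction per CVE, keyed on the CVSS v3 severity bands."""
    for floor, points in ((9.0, 20), (7.0, 12), (4.0, 6), (0.1, 2)):
        if base >= floor:
            return points
    return 0

def arp_conflicts(replies):
    """IPs claimed by more than one MAC across observed (ip, mac) ARP replies."""
    seen = {}
    for ip, mac in replies:
        seen.setdefault(ip, set()).add(mac.lower())
    return sorted(ip for ip, macs in seen.items() if len(macs) > 1)

def health_score(encryption, cve_scores, replies):
    """Start at 100, deduct per finding, clamp at 0. Returns (score, findings)."""
    findings = []
    enc = ENCRYPTION_PENALTY.get(encryption.upper(), 40)  # unknown scored as open
    if enc:
        findings.append((enc, f"encryption {encryption}"))
    for cve, base in cve_scores.items():
        if cvss_penalty(base):
            findings.append((cvss_penalty(base), f"{cve} (CVSS {base})"))
    for ip in arp_conflicts(replies):
        findings.append((ARP_CONFLICT_PENALTY, f"ARP conflict for {ip}"))
    return max(0, 100 - sum(p for p, _ in findings)), findings

def build_alert(score, findings, admin="admin@example.invalid"):
    """Return an EmailMessage when score is below the threshold, else None."""
    if score >= ALERT_THRESHOLD:
        return None
    msg = EmailMessage()
    msg["To"], msg["Subject"] = admin, f"Network Health Score {score}% (critical)"
    msg.set_content("\n".join(f"-{p}: {why}" for p, why in sorted(findings, reverse=True)))
    return msg

# Constructed sample telemetry (placeholder CVE ids, documentation-range IPs).
SAMPLE_CVES = {"CVE-XXXX-0001": 9.8, "CVE-XXXX-0002": 5.3}
SAMPLE_ARP = [("192.0.2.1", "aa:bb:cc:00:00:01"), ("192.0.2.7", "aa:bb:cc:00:00:07"),
              ("192.0.2.1", "de:ad:be:ef:00:99")]  # gateway IP re-announced by new MAC
```

Returning the findings alongside the score lets the same list feed both the alert body and a remediation report, so the number is always traceable to the deductions behind it.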
Unlike traditional systems, this solution provides:
Actionable remediation guidance
Automated vulnerability intelligence integration
Real-time monitoring and alerts
Historical trend analysis
User-friendly visualization via a web dashboard
Technically, the system uses a multi-layer architecture with tools such as Python, Flask, Scapy, Nmap, and SQLite, along with modern frontend technologies for visualization.
Overall, the project delivers a comprehensive, intelligent, and accessible network security solution that transforms raw technical data into actionable insights, enabling users to effectively monitor, analyze, and secure their networks against modern cyber threats.
Conclusion
The design and implementation of the Security Core represent a significant advancement in localized network security auditing, successfully bridging the gap between expert-level penetration tools [8][16] and accessible management interfaces [12]. This research demonstrates that high-level web frameworks like Flask [12] can effectively orchestrate low-level primitives such as Scapy [13] and Nmap [7] to create a unified, high-performance defense mechanism. The implementation of a Secure User Authentication and Login module further strengthens this defense, ensuring that sensitive network telemetry and audit reports remain accessible only to authorized administrators.
The system’s primary innovation is its synchronized 9-stage execution pipeline, which automates the transition from raw environmental reconnaissance to sophisticated threat correlation. Central to this success is the Heuristic Scoring Engine, which transforms disparate telemetry (including encryption standards [11], open port counts [7], and ARP integrity [13]) into a singular, quantifiable Network Health Score based on CVSS standards [9]. By utilizing a RESTful API architecture, the analyzer ensures that vulnerability detection is grounded in real-time global intelligence from CVE databases [20] and the NVD [19] rather than static local definitions. A pivotal feature of this dynamic capability is the Automated Email Alerting mechanism, which acts as an active incident response trigger by dispatching real-time notifications whenever the Network Health Score drops below the 50% safety threshold. Ultimately, the project shifts the paradigm from reactive monitoring to proactive network defense by providing a structured Remediation Roadmap and a historical persistence layer via SQLite [15].
References
Research Papers and Academic Journals
[1] Masiukiewicz, V. Tarykin, and V. Podvornyi, "Security threats in Wi-Fi networks," International Research Journal of Advanced Engineering and Science, vol. 1, no. 3, pp. 6-11, 2016.
http://irjaes.com/wp-content/uploads/2020/10/IRJAES-V1N3P60Y16.pdf
[2] P. Bheevgade, C. Saha, R. Nath, S. Dabhade, H. Barot, and S. O. Junare, "The Rise of Public Wi-Fi and Threats," in Information Security, Privacy and Digital Forensics, S. J. Patel et al., Eds. Singapore: Springer Nature, 2024, pp. 175-189.
https://www.researchgate.net/publication/375230379_The_Rise_of_Public_Wi-Fi_and_Threats
[3] S. Simbaña, G. López, C. Tipantuña, and F. Sánchez, "Vulnerability Analysis Toolkit for IEEE 802.11 Wireless Networks: A Practical Approach," in 2018 International Conference on Information Systems and Computer Science
[4] T. Mekhaznia and A. Zidani, "Wi-Fi security analysis," Procedia Computer Science, vol. 73, pp. 172-178, 2015.
https://www.sciencedirect.com/science/article/pii/S1877050915034705
[5] R. Sridaran and R. Budhrani, "Wireless Local Area Networks: Threats and Their Discovery Using WLANs Scanning Tools," International Journal of Advanced Networking Applications (IJANA), pp. 137-150, Nov. 2014.
https://www.researchgate.net/publication/273776388_Wireless_Local_Area_Networks_Threats_and_Their_Discovery_Using_WLANs_Scanning_Tools
[6] M. M. Noor and W. H. Hassan, "Current threats of wireless networks," in The Third International Conference on Digital Information Processing and Communications, 2013, pp. 704-713.
https://www.sciencedirect.com/science/article/pii/S1877050917319853
Official Documentation and Technical Manuals
[7] G. F. Lyon, Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning.
[8] "Aircrack-ng Documentation," 2017. [Online]. Available: https://www.aircrack-ng.org/.
[9] FIRST, "Common Vulnerability Scoring System v3.0: Specification Document," 2015. [Online]. Available: https://www.first.org/cvss/v3.0/specification-document.
[10] OWISAM, "OWISAM (Open Wireless Security Assessment Methodology)," Sep. 2013. [Online]. Available: https://www.owisam.org/.
[11] IEEE Standard for Information technology—Telecommunications and information exchange between systems—Local and metropolitan area networks—Specific requirements - Part 11: Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) Specifications, IEEE Std 802.11-2012.
Software Frameworks and Security Tools
[12] "Flask Documentation (v3.x)," Pallets Projects. [Online]. Available: https://flask.palletsprojects.com/.
[13] "Scapy Documentation: Packet Crafting and Sniffing," [Online]. Available: https://scapy.net/.
[14] "Wireshark User’s Guide," Wireshark Foundation. [Online]. Available: https://www.wireshark.org/docs/.
[15] "SQLite Documentation," SQLite.org. [Online]. Available: https://www.sqlite.org/docs.html.
[16] "WiFi-Pumpkin: Framework for Rogue Wi-Fi Access Point Attack," Oct. 2017. [Online]. Available: https://github.com/P0cL4bs/WiFi-Pumpkin.
[17] "Fluxion: WiFi analyzer," Oct. 2017. [Online]. Available: https://github.com/wi-fi-analyzer/fluxion.
[18] "MITMf: Framework for Man-In-The-Middle attacks," Oct. 2017. [Online]. Available: https://github.com/byt3bl33d3r/MITMf.
Web Resources and Databases
[19] NIST, "National Vulnerability Database (NVD)," U.S. Department of Commerce. [Online]. Available: https://nvd.nist.gov/.
[20] MITRE, "CVE - Common Vulnerabilities and Exposures," [Online]. Available: https://cve.mitre.org/.
[21] "Kali Linux Wireless Penetration Testing Tools," Offensive Security. [Online]. Available: https://www.kali.org/tools/.