Abstract—Snort is one of the best-known signature-based network intrusion detection systems (NIDS). In the typical NIDS architecture, the sensors must be placed on the same physical network as the defence centre, which makes deployment costly. As the number of sensor instances grows, the volume of log data grows rapidly with it, and the existing system faces big data challenges. To address this problem, Snort needs an efficient mechanism to collect, store, and aggregate data. In this research, we set out to meet these demands. We propose a new analysis framework for Snort NIDS built on cloud and big data technology. Using the proposed framework, we can reduce the deployment cost of a NIDS running in a big data environment. The framework uses Docker as the sensor platform, Apache Kafka as the distributed messaging system, Apache Spark as the distributed processing engine, and Apache Cassandra as the core database. Experiments were conducted to measure the speed and efficiency of sensor deployment and data aggregation, and the efficiency of data processing. The results show that the proposed framework requires a shorter deployment time for a Snort sensor and a lower system deployment cost, and that data storage and aggregation are faster and more efficient than in the typical Snort NIDS architecture.
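The abstract describes a pipeline in which Snort sensors emit alerts that are shipped through Kafka, aggregated in Spark, and stored in Cassandra. The following is an added example, not code from the paper or from the Snort project: it shows the parsing and aggregation step such a pipeline has to perform on each alert, written in plain Python over a few constructed Snort "alert_fast" lines so that it runs offline. It assumes the sensors log in Snort's alert_fast format and that addresses are IPv4; the rule IDs, hosts and messages in the sample lines are made up.

```python
"""Parse Snort alert_fast lines and aggregate them per signature and source.

Added example (not from the paper): the same grouping a Spark job would do over
alerts consumed from Kafka, here done in plain Python over constructed input.
"""
import re
from collections import Counter
from dataclasses import dataclass
from typing import Iterable, List, Optional, Tuple

# Snort "alert_fast" format, one alert per line (assumption: IPv4 addresses).
# The [Classification: ...] block is absent when a rule has no classtype, and
# ports appear only for TCP/UDP, so both are optional in the pattern.
IPV4 = r"\d{1,3}(?:\.\d{1,3}){3}"
ALERT_RE = re.compile(
    r"^(?P<ts>\d\d/\d\d-\d\d:\d\d:\d\d\.\d+)\s+\[\*\*\]\s+"
    r"\[(?P<gid>\d+):(?P<sid>\d+):(?P<rev>\d+)\]\s+(?P<msg>.*?)\s+\[\*\*\]\s+"
    r"(?:\[Classification:\s+(?P<cls>[^\]]+)\]\s+)?"
    r"\[Priority:\s+(?P<prio>\d+)\]\s+"
    r"\{(?P<proto>\w+)\}\s+"
    rf"(?P<src>{IPV4})(?::(?P<sport>\d+))?\s+->\s+"
    rf"(?P<dst>{IPV4})(?::(?P<dport>\d+))?$"
)


@dataclass(frozen=True)
class Alert:
    ts: str
    gid: int
    sid: int
    rev: int
    msg: str
    classification: Optional[str]
    priority: int
    proto: str
    src: str
    sport: Optional[int]
    dst: str
    dport: Optional[int]


def parse_alert(line: str) -> Optional[Alert]:
    """Return an Alert for a well-formed alert_fast line, else None."""
    m = ALERT_RE.match(line.strip())
    if not m:
        return None  # banner text, a truncated line, or a non-alert record
    g = m.groupdict()
    return Alert(
        ts=g["ts"], gid=int(g["gid"]), sid=int(g["sid"]), rev=int(g["rev"]),
        msg=g["msg"], classification=g["cls"], priority=int(g["prio"]),
        proto=g["proto"], src=g["src"],
        sport=int(g["sport"]) if g["sport"] else None,
        dst=g["dst"], dport=int(g["dport"]) if g["dport"] else None,
    )


def aggregate(lines: Iterable[str]) -> Tuple[Counter, Counter, int]:
    """Count alerts per (gid, sid, msg) and per source IP.

    Malformed lines are counted rather than dropped silently, so a sensor that
    starts emitting garbage (or a truncated Kafka message) shows up in the
    aggregate instead of vanishing.
    """
    per_sig: Counter = Counter()
    per_src: Counter = Counter()
    malformed = 0
    for line in lines:
        alert = parse_alert(line)
        if alert is None:
            malformed += 1
            continue
        per_sig[(alert.gid, alert.sid, alert.msg)] += 1
        per_src[alert.src] += 1
    return per_sig, per_src, malformed


def top_sources(lines: Iterable[str], n: int = 3) -> List[Tuple[str, int]]:
    """The n source addresses that triggered the most alerts."""
    _, per_src, _ = aggregate(lines)
    return per_src.most_common(n)


# Constructed sample input (hypothetical local rule IDs and hosts).
SAMPLE_LINES = [
    "01/28-22:26:04.877970  [**] [1:1000001:2] LOCAL suspicious id check response [**] "
    "[Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 10.0.0.5:80 -> 192.168.1.10:51234",
    "01/28-22:26:05.102334  [**] [1:1000002:1] LOCAL ICMP test ping [**] "
    "[Priority: 3] {ICMP} 192.168.1.10 -> 10.0.0.5",
    "01/28-22:26:06.001122  [**] [1:1000001:2] LOCAL suspicious id check response [**] "
    "[Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 10.0.0.5:80 -> 192.168.1.11:40022",
    "Running in IDS mode",  # sensor banner line that must not be treated as an alert
]

if __name__ == "__main__":
    sigs, srcs, bad = aggregate(SAMPLE_LINES)
    for (gid, sid, msg), count in sigs.most_common():
        print(f"{gid}:{sid} {msg!r}: {count}")
    print("top sources:", top_sources(SAMPLE_LINES))
    print("malformed lines:", bad)
```

In the real framework this logic would run as a Spark transformation over records consumed from Kafka, with the counters written to Cassandra; the parser and the grouping keys are the parts that carry over unchanged.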
Ferry Astika S.
Electrical Engineering, Universitas Indonesia
Depok, Indonesia
Fadhil Yori
Politeknik Elektronika Negeri Surabaya
Surabaya, Indonesia
Ikbar Maulana
Politeknik Elektronika Negeri Surabaya
Surabaya, Indonesia
Dimas R
Politeknik Elektronika Negeri Surabaya
Surabaya, Indonesia
Ahmada Y
Politeknik Elektronika Negeri Surabaya
Surabaya, Indonesia
M. Alfiyan
Politeknik Elektronika Negeri Surabaya
Surabaya, Indonesia
Andri S
Balai Jaringan Informasi Informasi dan Komunikasi, Badan Pengkajian dan Penerapan Teknologi
Jakarta, Indonesia
Novi Turniawati
Balai Jaringan Informasi Informasi dan Komunikasi, Badan Pengkajian dan Penerapan Teknologi
Jakarta, Indonesia
Dani Ramdani
Balai Jaringan Informasi Informasi dan Komunikasi, Badan Pengkajian dan Penerapan Teknologi
Jakarta, Indonesia
Taufik Y
Balai Jaringan Informasi Informasi dan Komunikasi, Badan Pengkajian dan Penerapan Teknologi
Jakarta, Indonesia
Muhammad Salman
Electrical Engineering, Universitas Indonesia
Depok, Indonesia
Kalamullah Ramli
Electrical Engineering, Universitas Indonesia
Depok, Indonesia
Jauhari
Politeknik Elektronika Negeri Surabaya
Surabaya, Indonesia
Isbat
Politeknik Elektronika Negeri Surabaya
Surabaya, Indonesia
Iwan Syarif
Politeknik Elektronika Negeri Surabaya
Surabaya, Indonesia