Abstract

This paper presents the results of building a virtual test bench for modeling and detecting network attacks with a free, open-source intrusion detection system (IDS). The work is motivated by the growing demand for IDSs as sources of information security events for security information and event management (SIEM) systems. A comparative analysis of the most popular free open-source network IDSs was carried out, and the choice of Zeek for this project is justified. The work uses Zeek network logs, which contain important, structured information about the analyzed network traffic. The laboratory bench was built on a Linux virtual machine running the Mininet network emulator, and a graphical representation of the developed virtual bench is proposed. The effectiveness of the intrusion detection system is studied experimentally by simulating a network denial-of-service attack and then analyzing the captured network traffic with the IDS tools.
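As an added illustration, not taken from the paper, of how Zeek's structured conn.log can be analyzed for the kind of denial-of-service traffic the abstract describes, the following Python parses Zeek's tab-separated ASCII log format and flags sources that open many half-open (conn_state S0) TCP connections to one service within a short window. The sample log records, the field subset, and the window and threshold values are constructed assumptions.

```python
"""Parse Zeek conn.log records and flag TCP connection floods (added example)."""
from collections import defaultdict

# Constructed sample in Zeek's tab-separated conn.log layout; the #fields
# header lists only a subset of the real columns to keep the parser short.
SAMPLE_CONN_LOG = "\n".join([
    "#separator \\x09",
    "#fields\tts\tuid\tid.orig_h\tid.orig_p\tid.resp_h\tid.resp_p\tproto\tconn_state",
    "#types\ttime\tstring\taddr\tport\taddr\tport\tenum\tstring",
    # 10.0.0.1 opens 25 half-open (S0) connections to the web server within 0.25 s
    *[f"1700000000.{i:02d}\tC{i}\t10.0.0.1\t{40000 + i}\t10.0.0.2\t80\ttcp\tS0"
      for i in range(25)],
    # benign, completed (SF) connections from another host
    "1700000000.50\tCx1\t10.0.0.3\t51000\t10.0.0.2\t80\ttcp\tSF",
    "1700000001.20\tCx2\t10.0.0.3\t51001\t10.0.0.2\t443\ttcp\tSF",
    "#close\t2023-11-14-22-13-21",
])

def parse_conn_log(text):
    """Yield one dict per record, naming columns from the #fields header;
    Zeek's unset marker '-' is mapped to None and other '#' lines are skipped."""
    fields = None
    for line in text.splitlines():
        if line.startswith("#fields"):
            fields = line.split("\t")[1:]
        elif line.startswith("#") or not line.strip():
            continue
        else:
            values = [None if v == "-" else v for v in line.split("\t")]
            yield dict(zip(fields, values))

def find_connection_floods(records, window=1.0, threshold=20):
    """Return {(orig_h, resp_h, resp_p): peak_count} for pairs whose S0 (no reply)
    TCP connection count inside any sliding `window` seconds reaches `threshold`."""
    by_pair = defaultdict(list)
    for r in records:
        if r["proto"] == "tcp" and r["conn_state"] == "S0":
            by_pair[(r["id.orig_h"], r["id.resp_h"], r["id.resp_p"])].append(float(r["ts"]))
    alerts = {}
    for pair, times in by_pair.items():
        times.sort()
        start = 0
        for end, t in enumerate(times):
            while t - times[start] > window:   # slide the window's left edge
                start += 1
            count = end - start + 1
            if count >= threshold:
                alerts[pair] = max(alerts.get(pair, 0), count)
    return alerts

if __name__ == "__main__":
    print(find_connection_floods(parse_conn_log(SAMPLE_CONN_LOG)))
```

On real Zeek output the same parser applies unchanged because column names are read from the #fields header rather than hard-coded.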
