DATA VISUALIZATION OF NETWORK SECURITY SYSTEMS

Michal Ennert,Zuzana Dudláková,Branislav Madoš

doi:10.15546/aeei-2014-0034

Michal Ennert, Zuzana Dudláková + Show 1 more

Open Access

https://doi.org/10.15546/aeei-2014-0034

Copy DOI

Abstract

The goal of this article is to analyse, design, implement and test different ways of evaluating and visualizing logs from intrusion detection system (IDS). For the main objective of this work it was necessary to study the ways in which it will be possible to carry out data visualization recorded in the IDS database. It was necessary to design and implement evaluation, imaging and visualization logs of intrusions recorded in a computer network security system. The work will therefore bring more comfortable option to read large amounts of technical messages to humans. Such a person does not have to have knowledge of the system, which used to display visualized data in depth – the person should just be able to interpret the visualization displayed on a computer screen.

Highlights

Nowadays due to informatization data is gradually moved from various records and archives to computer servers, which is accessible via computer network
The aim of this work is to create the concept and design of network architecture and this system, system which has the task of monitoring and management stations for intrusion detection, which should contribute to an even greater degree of protection against possible network attacks
The first part is devoted to the issue of creating the concept and design of network architecture, the second is dedicated configuration Suricata and its rules

Summary

Introduction

Nowadays due to informatization data is gradually moved from various records and archives to computer servers, which is accessible via computer network. Ascribable to growing number and importance of information there are more sophisticated attacks on the network, which is constantly increasing need to protect computer networks from diverse attacks. The aim of this work is to create the concept and design of network architecture and this system, system which has the task of monitoring and management stations for intrusion detection, which should contribute to an even greater degree of protection against possible network attacks. The first part is devoted to the issue of creating the concept and design of network architecture, the second is dedicated configuration Suricata (intrusion detection system) and its rules. This work has to familiarize with the potential for standardization of processed data. These data will be evaluated and visualized in an appropriate manner to the user

Objectives

Results

Conclusion