Abstract
The high demand for information technology that can be accessed anywhere and at any time indirectly opens a large opportunity for irresponsible parties to attack and destroy systems. The server farm is one of the targets most sought after by attackers, who intend to cause damage and even to retrieve victim data. One way to deal with this problem is to add server security by using a honeypot. A honeypot is one effort to prevent system hacking: it creates a fake server that diverts attackers' access. In practice, the logs generated by the honeypot consist only of letters and numbers, which makes them difficult to analyze. This becomes a problem when a large amount of log data has to be processed. To make log analysis easier for administrators, a visualization system using the ELK Stack is proposed. Integrating a honeypot with the ELK Stack can serve as a security solution that detects attacks while providing visualization to administrators. Five testing schemes were carried out to provide a comparative study of the low-interaction honeypots Cowrie and Dionaea. Cowrie delivers better (real-time) detection performance than the detection system offered by Dionaea, and the average delay time is 3.75 seconds, while ELK provided better monitoring results to administrators through its visualization.