Cyberattack detection model using deep learning in a network log system with data visualization

Cited by: 0
Authors
Jung-Chun Liu
Chao-Tung Yang
Yu-Wei Chan
Endah Kristiani
Wei-Je Jiang
Affiliations
[1] Tunghai University, Department of Computer Science
[2] Tunghai University, Research Center for Smart Sustainable Circular Economy
[3] Tunghai University, Research Center for Nanotechnology
[4] Providence University, College of Computing and Informatics
[5] Tunghai University, Department of Industrial Engineering and Enterprise Information
[6] Krida Wacana Christian University, Department of Informatics
Source
The Journal of Supercomputing | 2021 / Vol. 77
Keywords
Information security; ELK stack; DDoS; Cyberattack; Deep learning;
DOI
Not available
Abstract
Network log data is significant for network administrators, since it contains information on every event that occurs in a network, including system errors, alerts, and packet sending statuses. Effectively analyzing large volumes of diverse log data brings opportunities to identify issues before they become problems and to prevent future cyberattacks; however, processing of the diverse NetFlow data poses challenges such as volume, velocity, and veracity of log data. In this study, by means of Elasticsearch, Logstash, and Kibana, i.e., the ELK Stack, we construct an analysis and management system for network log data, which provides functions to filter, analyze, and display network log data for further applications and creates data visualization on a Web browser. In addition, an advanced cyberattack detection model is facilitated using deep neural network (DNN), recurrent neural network (RNN), and long short-term memory (LSTM) approaches. By knowing cyberattack behaviors and cross-validating with the log analysis system, one can learn from this model the characteristics of a variety of cyberattacks. Finally, we also implement Grafana to perform metrics monitoring.
Pages: 10984 / 11003
Page count: 19