VISUALIZATION OF TRAFFIC MONITORING IN OPENFLOW NETWORK WITH ELK STACK

The number of Internet users is rising over time. This makes it a challenge for networks to accommodate an increasing number of users while maintaining performance. Networks nowadays suffer from scalability issues due to the need to configure every single device in the network, which consumes time and resour...

Bibliographic Details
Main Author: Athalah, Faza
Format: Final Project
Language: Indonesia
Online Access: https://digilib.itb.ac.id/gdl/view/48209
Institution: Institut Teknologi Bandung
id id-itb.:48209
spelling id-itb.:48209 2020-06-27T20:26:00Z VISUALIZATION OF TRAFFIC MONITORING IN OPENFLOW NETWORK WITH ELK STACK Athalah, Faza Indonesia Final Project Snort, Elasticsearch, Logstash, Kibana, Trojan, DDoS, Dashboard INSTITUT TEKNOLOGI BANDUNG https://digilib.itb.ac.id/gdl/view/48209 text
institution Institut Teknologi Bandung
building Institut Teknologi Bandung Library
continent Asia
country Indonesia
content_provider Institut Teknologi Bandung
collection Digital ITB
language Indonesia
description The number of Internet users is rising over time. This makes it a challenge for networks to accommodate an increasing number of users while maintaining performance. Networks nowadays suffer from scalability issues due to the need to configure every single device in the network, which consumes time and resources. The solution to this problem is Software-Defined Networking (SDN). SDN centralizes management of every device into one management point, which saves a lot of time. SDN is also programmable, meaning the administrator can install custom security protocols on the network. However, SDN does not have a simple and clear monitoring interface that lets administrators notice what is happening in the network. This final project’s objective is to design a user-friendly monitoring visualization system that shows clear information on what is happening in the network and is understandable to all kinds of users. This is done using Snort, Elasticsearch, Logstash, and Kibana. Snort generates a file containing event logs of the network in JSON format. The file is then transferred to Elasticsearch using Logstash. Kibana then retrieves the data for visualization. The monitoring visualization takes the form of a Dashboard. The Dashboard is designed specifically to show information related to two kinds of network attacks, namely Trojan and DDoS attacks. The Dashboard contains 10 charts, and the data shown on each chart corresponds to a specified time range. The Dashboard can only be accessed by a Network Administrator. The Network Administrator can modify the Dashboard by changing the time range, changing the contents of the Dashboard, and saving the static Dashboard in the form of embed, code, PDF, and PNG. After system testing by simulating Trojan and DDoS attacks, the system successfully visualizes clear information that indicates network attacks in accordance with a specified time range.