Abstract
The paper presents an automated framework that stimulates campus network traffic to detect and prevent malicious network activity, and that visualizes the logs in real time through customized reporting dashboards over the university campus network. The framework combines open source tools to give a realistic analysis of the network traffic using the detection and prevention engine. The malicious events detected by the engine are then processed by the elastic cluster for visualization of the threats. The framework measures the detection of the events and generates alerts, which shows that the engine performs better with the elastic cluster, which works on NoSQL, for real-time incident reporting. Once the system is trained, the framework automatically blocks attacks according to their threat severity, preventing further propagation over the network in the future. This helps to secure campus networks and increase their performance using open source libraries, and reduces the financial burden of commercial threat detection and prevention systems.
Copyright information
© 2020 Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Mahajan, A., Ramotra, A.K., Mansotra, V., Singh, M. (2020). An Automated Framework to Uncover Malicious Traffic for University Campus Network. In: Zhang, YD., Mandal, J., So-In, C., Thakur, N. (eds) Smart Trends in Computing and Communications. Smart Innovation, Systems and Technologies, vol 165. Springer, Singapore. https://doi.org/10.1007/978-981-15-0077-0_11
DOI: https://doi.org/10.1007/978-981-15-0077-0_11
Publisher Name: Springer, Singapore
Print ISBN: 978-981-15-0076-3
Online ISBN: 978-981-15-0077-0
eBook Packages: Intelligent Technologies and Robotics (R0)