Implementing Secure Cluster using Hadoop and Snort for ID (Intrusion Detection).



Rating  0
Views   42
رفاه محمد كاظم المطيري
03/03/2019 18:39:50

Abstract Among the best ways for someone or a company to get famous and well known is through certain electronic media using web applications to make customers know what companies have through their websites, as the formers shop and inquire through web services of the latter’s. Therefore, it is necessary to protect the website against any attack by those who are not interested in the progress of high-level companies and the spread of their fame. One of the attacks that the Web server is likely to experience is the Denial of Service Distributed (DDOS), across the application layer. The increased volume of data resulting from the attack makes the current detection systems inefficient to detect the hacker. In this research, a new methodology is proposed to detect and prevent attacks through the use of Hadoop framework, which will accelerate the analysis of data to discover the attack and deliver it to the Snort to be blocked and stop harm. After the analysis of the data we found that the proposed system could provide a 99.01% reduction rate, 99.27%, 99.72% for the original alerts 1668, 2182, and 2698 respectively, compared to the traditional model.


وصف الــ Tags لهذا الموضوع   Keywords—Web server, Apache Hadoop, DoS, MapReduce, Snort, DDoS, BigData.