Distributed Processing of Snort Alert Log using Hadoop

@inproceedings{Cheon2013DistributedPO,
  title={Distributed Processing of Snort Alert Log using Hadoop},
  author={Jeongjin Cheon and Tae-Young Choe},
  year={2013}
}
Snort is a well-known Intrusion Detection System (IDS) tool that gathers and analyses network packets in order to identify attacks arriving over the network. Although it processes a large number of warning messages in real time, Snort has so far been run mainly on single computer systems. Unfortunately, the current volume of network messages exceeds the processing capacity of a single computer system. To handle this huge volume of network messages, we have constructed a distributed IDS using Hadoop…

JeongJin Cheon et al. / International Journal of Engineering and Technology (IJET), ISSN: 0975-4024, Vol 5 No 3, Jun-Jul 2013, p. 2690