Utilizing Instant Messaging for Real-Time Notification and Information Retrieval of Snort Intrusion Detection System

by Hargyo Tri Nugroho, Bagas Adi Wicaksono
( Universitas Multimedia Nusantara, PT. Lyto Datarindo Fortuna, Indonesia )

Date Published: 02 Dec 2013
Published In: Information Systems International Conference (ISICO)
Volume: 2013
Publisher: Departemen Sistem Informasi, Institut Teknologi Sepuluh Nopember
Language: id-ID

Keywords: Intrusion Detection System, Snort Real time, Notification Instant Messaging, Command Line Interface

Abstract

Snort is widely used Intrusion Detection System (IDS) software for detecting security incidents on the network. Snort alerts are stored in a database that can be accessed through additional interfaces such as the BASE web application. With that architecture, the alerts must be checked periodically to avoid missing an attack. Even so, an attack may only become known some time after the event, so that the response may come too late. This research aims to build a cheap and reliable reporting system for Snort that provides notification of Snort alerts in real time and can be accessed from a mobile device. We use an instant messaging application both to alert the user and as a command line interface (CLI) that enables the user to obtain detailed information about each alert sent by the server. Experimental results show that the system is able to send notifications to the user within an acceptable delay of 0.87 seconds on average.

