Data Visualization for Building a Cyber Attack Monitoring Dashboard Based on Honeypot

Authors

  • I Gede Adnyana, Institut Bisnis dan Teknologi Indonesia
  • Ayu Manik Dirgayusari, Institut Bisnis dan Teknologi Indonesia
  • Ketut Jaya Atmaja, Institut Bisnis dan Teknologi Indonesia

DOI: 10.33395/sinkron.v8i4.14144

Keywords: Cowrie, Dionaea, ELK Stack, Honeypot, Network Security

Abstract

Computer networks are essential for modern life, enabling efficient global information exchange. However, as technology advances, network security challenges grow. To enhance security, honeypots are used alongside firewalls, mimicking legitimate systems to attract hackers and analyze their attack methods. In this research, Cowrie and Dionaea honeypots are implemented. Cowrie targets brute force attacks on SSH, while Dionaea detects port scanning and denial of service (DoS) attacks. These honeypots effectively capture and log malicious activities, providing insights into attack patterns. The collected data is analyzed using the ELK Stack, which offers real-time visualization of attack trends, frequency, and methods. This analysis helps security teams quickly identify and mitigate threats. The integration of honeypots with the ELK Stack significantly enhances network defense by improving detection, analysis, and response to cyber threats. The analysis of the results shows that both honeypots effectively capture and record malicious activities entering the network, providing critical insights into the attack patterns employed by attackers. Within just minutes of deployment, the honeypots logged over 1,000 attacks, predominantly originating from botnets attempting to exploit system vulnerabilities. The captured log data is processed through the ELK Stack, allowing for real-time visualization of attack patterns, including geographic origins, attack frequency, and methods used. This enables security teams to proactively identify trends, assess risks, and implement targeted mitigation strategies more efficiently.




How to Cite

I Gede Adnyana, Ayu Manik Dirgayusari, & Ketut Jaya Atmaja. (2024). Data Visualization for Building a Cyber Attack Monitoring Dashboard Based on Honeypot. Sinkron : Jurnal Dan Penelitian Teknik Informatika, 8(4), 2510-2518. https://doi.org/10.33395/sinkron.v8i4.14144