Hello, I am Subashini, a graduate student. I am interested in doing my project in Network Security. I have a doubt related to it. The aim is to detect DoS/DDoS attacks using the application. I am going to use ELK (ElasticSearch, Logstash, Kibanna) for processing the logs (Log Analytics). My doubt is regarding how do we generate logs for detecting this attack? As I am new to this process, I am not sure about it. Also, if it is possible to do any other attacks similar to this, you can please give a hint about it. Could anyone please help with this, it would be a great help!! -- Thank You. With Regards, H.Subashini
On 6/10/16 10:39 PM, subashini hariharan wrote:
Hello,
I am Subashini, a graduate student. I am interested in doing my project in Network Security. I have a doubt related to it.
The aim is to detect DoS/DDoS attacks using the application. I am going to use ELK (ElasticSearch, Logstash, Kibanna) for processing the logs (Log Analytics).
My doubt is regarding how do we generate logs for detecting this attack? As I am new to this process, I am not sure about it.
lots of dos simply isn't targeting the application layer or even the host especially. So, that stuff will rarely bubble up via syslog for example until machines start to run into trouble. rather it will be exposed via flow data or the frequent collection of interface counters.
Also, if it is possible to do any other attacks similar to this, you can please give a hint about it.
Could anyone please help with this, it would be a great help!!
participants (2)
-
joel jaeggli
-
subashini hariharan