Publisher : Smart Innovation, Systems and Technologies
Campus : Coimbatore
School : School of Engineering
Center : TIFAC CORE in Cyber Security
Year : 2019
An intrusion can be defined as a group of actions or events that try to compromise the confidentiality, integrity, and availability of a computer system. An intrusion detection system records information about certain events and produces reports for administrators in real time by analyzing the data obtained from those events. The objective of this paper is to find abnormal activity patterns of users in a huge amount of semi-structured server log files. The system analyzes the log data using an open-source framework named Hadoop. Finally, the results are visualized using RStudio. The output plots help differentiate between normal users and intruders in a particular network. After obtaining the intruders’ data, network administrators can observe and react accordingly to minimize further loss in that network. © Springer Nature Singapore Pte Ltd. 2019.