NCI WEBSITE
NORMA eResearch @NCI Library

Real-Time Threat Detection: Suricata Log Analysis and Visualization for Network

Tools

-, Nikhil (2024) Real-Time Threat Detection: Suricata Log Analysis and Visualization for Network. Masters thesis, Dublin, National College of Ireland.

[thumbnail of Master of Science]
Preview
 PDF (Master of Science)
Download (803kB) | Preview
[thumbnail of Configuration Manual]
Preview
 PDF (Configuration Manual)
Download (950kB) | Preview

Abstract

Systems that help in detecting different kinds of intrusions in networks are called Intrusion detection Systems (IDSs). There are many popular IDSs that are used both by companies and individuals in the detection of intrusions. Suricata is one such tool. This tool helps in the detection of intrusions and networks. However, studies need to be conducted based on the data collected in the logs generated by the Suricata. So in the study proposed here a system that uses the Suricata to detect intrusions in a network is proposed. In the study the Suricata is set up on a computer connected to a network and cyber-attacks are simulated to assess its performance of the Suricata in detecting intrusions. Along with detecting intrusions the system proposed in the study sends an email as a notification when the Suricata detects an intrusion. The log generated by Suricata when an attack is detected is uploaded to Google Drive. The data associated with the logs generated by Suricata is analysed and visual representations of the data in the logs are generated. The results of the study show that the Suricata is effective in detecting intrusions and that insights about the kind of attacks can be gained when the data associated with logs of the Suricata is analysed. The email sending and analysis of the data associated with the logs is done using methods in Python.

Item Type: Thesis (Masters)
Supervisors:
Name
Email
Pantridge, Michael
UNSPECIFIED
Subjects: Q Science > QA Mathematics > Electronic computers. Computer science
T Technology > T Technology (General) > Information Technology > Electronic computers. Computer science
Q Science > QA Mathematics > Computer software > Computer Security
T Technology > T Technology (General) > Information Technology > Computer software > Computer Security
Q Science > Q Science (General) > Self-organizing systems. Conscious automata > Machine learning
Divisions: School of Computing > Master of Science in Cyber Security
Depositing User: Ciara O'Brien
Date Deposited: 29 Jul 2025 09:29
Last Modified: 29 Jul 2025 09:29
URI: https://norma.ncirl.ie/id/eprint/8283

Actions (login required)

View Item View Item