The Implementation of a Network Log System Using RNN on Cyberattack Detection with Data Visualization

Abstract

Network log data is essential to web administrator, which provides information such as, system error, cyberattack warning, mobile data gigabytes, message sending status, and so on. Managing the massive volume of log data give a challenge and an opportunity. It would be a challenge for administering large amounts of log data, and an opportunity to prevent future cyberattacks. In this paper, we aim to provide a network log data management, which can do visualization analyzing using Elasticsearch, Logstash, and Kibana (ELK Stack). In the ELK Stack technology, we can create filter, screen and analyze network log database on different purpose, and apply visualization effects on the web browser. Also, we propose a deep learning model using RNN for advanced network attack detection. From the model, we can learn the characteristics of each cyberattack by knowing network attack features and then cross-validation with the analysis information on the log system. Finally, we do the performance metric test using Grafana.