THE BASIC MODES OF THE INTRUSION PREVENTION SYSTEM (IDS/IPS SURICATA) FOR THE COMPUTING CLUSTER

  • Алексей Сергеевич Бондяков, Joint Institute for Nuclear Research; Institute of Physics Azerbaijan National Academy of Sciences

Abstract

This article aims to test the Suricata intrusion prevention system and to consider its use as a primary or additional tool for securing a computing cluster. To solve this task, we tested the operation of the system in IDS and IPS modes. To evaluate the performance of the system under test, the CPU utilization and CPU load average counters were used. The data were obtained through the monitoring system of the data center of the Institute of Physics of the National Academy of Sciences of Azerbaijan, which is based on the ZABBIX platform. This article describes the installation of Suricata and the configuration of its main parameters, and shows how the operating modes of Suricata can be optimized depending on the available hardware resources, for example, the number of CPU cores. The cloud segment of the data center of the Institute of Physics of the National Academy of Sciences of Azerbaijan, which in turn is part of the JINR LIT cloud infrastructure, was used as the testing ground. The results demonstrate the ability of Suricata to detect threats and respond to them in a timely manner, which significantly increases the level of security. In addition, this article shows the capabilities of the cloud segment and the monitoring system of the data center of the Institute of Physics of NAS of Azerbaijan, with the help of which the testing was conducted.

Author Biography

Алексей Сергеевич Бондяков, Joint Institute for Nuclear Research; Institute of Physics Azerbaijan National Academy of Sciences

Software Engineer, Laboratory of Information Technologies

Published

2017-10-01

How to Cite

БОНДЯКОВ, Алексей Сергеевич. THE BASIC MODES OF THE INTRUSION PREVENTION SYSTEM (IDS/IPS SURICATA) FOR THE COMPUTING CLUSTER. Modern Information Technologies and IT-Education, [S.l.], v. 13, n. 3, p. 31-37, Oct. 2017. ISSN 2411-1473. Available at: <http://sitito.cs.msu.ru/index.php/SITITO/article/view/287>. Date accessed: 06 Aug. 2025. doi: https://doi.org/10.25559/SITITO.2017.3.629.

Section

Parallel and distributed programming, grid technologies, programming on GPUs