Integrated Network Monitoring using Zabbix with Push Notification via Telegram

Authors

  • Mohd Faris Mohd Fuzi, Universiti Teknologi MARA, Perlis Branch, Arau Campus
  • Nur Fatin Mohammad Ashraf, Universiti Teknologi MARA, Perlis Branch, Arau Campus
  • Muhammad Nabil Fikri Jamaluddin, Universiti Teknologi MARA, Perlis Branch, Arau Campus

DOI:

https://doi.org/10.24191/jcrinn.v7i1.282

Keywords:

Network Monitoring, Zabbix, Ping Flood, SYN Flood, Telegram

Abstract

The world is becoming increasingly dependent on online services. To offer a service, a network must be in good health and free of attacks. An attack happens when the confidentiality, integrity, or availability of a service is compromised. Network monitoring helps keep network devices healthy, from tracking their usage to detecting attacks. A denial of service (DoS) attack can degrade network performance and cause serious damage. Zabbix is a versatile open-source network monitoring tool that can be used to monitor hosts on a network. The purpose of this project is to detect possible ping and SYN flooding attempts on a server and send alerts to the administrator via Telegram, using Zabbix to monitor the server. Tcpdump is used to log the pings received by the server. When the server continuously receives 10 or more pings per second, an alert is automatically generated and sent to the administrator via Telegram. Similarly, a SYN flood attack is detected from the SYN_RECV connection state reported by netstat. When the server continuously receives more than 10 SYN packets without an ACK packet, Zabbix generates alerts that are sent via Telegram and updates the dashboard to show a problem. Zabbix accurately detected all ping flooding attempts on the server. However, SYN flooding attacks were not detected as accurately: only two out of three attacks were caught, so SYN flooding detection needs to be improved. Zabbix can be deployed in small businesses or networks as an automated monitoring system. Future work can cover more DDoS attacks and add countermeasures on detection, such as blocking the IP or port associated with the attack.
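
The two detection rules from the abstract, written out as an added example (not code from the paper or from Zabbix): it counts ICMP echo requests per second in tcpdump text output and counts SYN_RECV sockets in netstat output. The sample lines, the addresses and the three-second reading of "continuously" are assumptions.

```python
import re
from collections import Counter

PING_THRESHOLD = 10   # pings per second, from the abstract (alert at >= 10)
SYN_THRESHOLD = 10    # half-open connections, from the abstract (alert at > 10)
SUSTAIN_SECONDS = 3   # assumption: consecutive seconds that count as "continuously"
# Constructed sample-line templates (documentation address ranges), not real captures.
ECHO = "12:00:{s:02d}.{us:06d} IP 203.0.113.5 > 192.0.2.10: ICMP echo request, id 7, seq {n}, length 64"
NETSTAT_ROW = "tcp        0      0 192.0.2.10:80      203.0.113.5:{port}      SYN_RECV"
_TS = re.compile(r"^(\d{2}):(\d{2}):(\d{2})\.\d+ IP .*ICMP echo request")

def pings_per_second(tcpdump_lines):
    """Count ICMP echo requests per second of the day from tcpdump text output."""
    counts = Counter()
    for line in tcpdump_lines:
        m = _TS.match(line)
        if m:
            h, mi, s = map(int, m.groups())
            counts[h * 3600 + mi * 60 + s] += 1
    return counts

def ping_flood(tcpdump_lines, threshold=PING_THRESHOLD, sustain=SUSTAIN_SECONDS):
    """True when `sustain` back-to-back seconds each saw >= threshold echo requests.
    A second with no logged pings, or one below threshold, restarts the run."""
    counts = pings_per_second(tcpdump_lines)
    run, prev = 0, None
    for sec in sorted(counts):
        if counts[sec] < threshold:
            run, prev = 0, None
            continue
        run = run + 1 if prev == sec - 1 else 1
        prev = sec
        if run >= sustain:
            return True
    return False

def syn_recv_count(netstat_output):
    """Count TCP sockets whose state column (last field) is SYN_RECV."""
    return sum(1 for line in netstat_output.splitlines()
               if line.startswith("tcp") and line.split()[-1] == "SYN_RECV")

def syn_flood(netstat_output, threshold=SYN_THRESHOLD):
    """Point-in-time check: only sees half-open connections present when polled."""
    return syn_recv_count(netstat_output) > threshold

def sample_tcpdump(per_second, seconds):
    return [ECHO.format(s=s, us=i * 1000, n=s * per_second + i)
            for s in range(seconds) for i in range(per_second)]
def sample_netstat(half_open):
    return "\n".join(NETSTAT_ROW.format(port=40000 + i) for i in range(half_open))
```

In a deployment, values like these would be collected on the monitored server and compared against the thresholds by the monitoring system; how the paper wired them into Zabbix is not shown on this page.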

Published

2022-03-30

How to Cite

Mohd Fuzi, M. F., Mohammad Ashraf, N. F., & Jamaluddin, M. N. F. (2022). Integrated Network Monitoring using Zabbix with Push Notification via Telegram. Journal of Computing Research and Innovation, 7(1), 155–163. https://doi.org/10.24191/jcrinn.v7i1.282

Section

General Computing
