Integration of Low Interaction Honeypot and ELK Stack as Attack Detection Systems on Servers

Main Article Content

Fransiska Sisilia Mukti
R. Muhammad Sukmawan


The high need for information technology that can be accessed anywhere and anytime indirectly opens a big opportunity for irresponsible parties to attack and destroy the system. The server farm is one of the targets most hunted by attackers, intending to damage, and even retrieving victim data. One of the efforts to deal with this problem is to add server security by using honeypot. The existence of a honeypot is one of the efforts to prevent system hacking by creating a fake server to divert attackers access. In its application, the logs generated from the honeypot are only letters and numbers, making it difficult to analyze the logs. It became a problem it will being a lot of log data being processed. To make it easier for administrators in analyzing logs, a visualization system using the ELK Stack is proposed. Honeypot and ELK Stack integration can be a security system solution in detecting attacks while providing visualization to administrators. Five testing schemes were carried out to provide a comparative study between the low interaction honeypot Cowrie and Dionaea. Cowrie delivers a better performance detection system (real-time) compared to the detection system offered by Dionaea, and the average delay time is 3.75 seconds, while ELK managed to provide better monitoring results to administrators through its visualization.

Article Details



Agustino, D. P., Priyoatmojo, Y., & Safitri, N. W. W. (2017). Implementasi Honeypot Sebagai Pendeteksi Serangan dan Melindungi Layanan Cloud Computing. Konferensi Nasional Sistem & Informatika, 196–201.

Arifin, M. N., Sugiartowo, & Susilowati, E. (2018). Desain dan Implementasi Log Event Management Server Menggunakan Elasticsearch Logstash Kibana (ELK STACK). Seminar Nasional Sains Dan Teknologi, 1–7. – 8416

Arkaan, N., & Sakti, D. V. S. Y. (2019). Implementasi Low Interaction Honeypot Untuk Peningkatan Keamanan dan Analisa Serangan pada Protokol SSH. Jurnal Nasional Teknologi Dan Sistem Informasi, 5(2), 112–120.

Cahyanto, T. A., Oktavianto, H., & Royan, A. W. (2016). Analisis Dan Implementasi Honeypot Menggunakan Dionaea Sebagai Penunjang Keamanan Jaringan. Jurnal Sistem Dan Teknologi Informasi Indonesia, 1(2), 86–92.

Cisco. (n.d.). Snort - Network Intrusion Detection & Prevention System. Retrieved November 20, 2020, from

Dawson, C. W. (2009). Projects in Computing and Information Systems. In Information Systems Journal (Vol. 2).

Elasticsearch B.V. (2020). What is the ELK Stack?

Livshitz, I. (2020). What’s the Difference Between a High Interaction Honeypot and a Low Interaction Honeypot?

Mardiyanto, B., Indriyani, T., Suartana, I. M., & Kunci, K. (2016). Analisis Dan Implementasi Honeypot Dalam Mendeteksi Serangan Distributed Denial-Of-Services (DDOS) Pada Jaringan Wireless. Integer Journal, 1(2), 32–42.

Mukti, F. S. (2019). Studi Komparatif Empat Model Propagasi Empiris Dalam Ruangan untuk Jaringan Nirkabel Kampus. Jurnal Teknologi Dan Sistem Komputer, 7(4), 154–160.

Nawrocki, M., Wählisch, M., Schmidt, T. C., Keil, C., & Schönfelder, J. (2016). A Survey on Honeypot Software and Data Analysis.

Oosterhof, M. (n.d.). Cowrie Honeypot. Retrieved November 20, 2020, from

Project, C. (n.d.). Dionaea Honeypot. Retrieved November 20, 2020, from

Putra, Y. S., Indriastuti, M. T., & Mukti, F. S. (2020). Optimalisasi Nilai Throughput Jaringan Laboratorium Menggunakan Metode Hierarchical Token Bucket (Studi Kasus: Stmik Asia Malang). Network Engineering Research Operation, 5(2), 83.

Romadhan, I. A., Syaifudin, & Akbi, D. R. (2020). Implementasi Multiple Honeypot Dengan Rasberry Pi Dan Visualisasi Log Honeypot Menggunakan Elk Stack. REPOSITOR, 2(4), 20.

S, A. K., Bandyopadhyay, A., Bhoomika, H., Singhania, I., & Shah, K. (2018). Analysis of Network Traffic and Security through Log Aggregation. International Journal of Computer Science and Information Security (IJCSIS), 16(6), 124–131.

Sukardi. (2013). Metodologi Penelitian Pendidikan. Bumi Aksara.

Tambunan, B., Raharjo, W. S., & Purwadi, J. (2013). Desain dan Implementasi Honeypot dengan Fwsnort dan PSAD sebagai Intrusion Prevention System. Jurnal ULTIMA Computing, 5(1), 1–7.