Using SNORT and AFTERGLOW to detect and visualize all malicious attacks within IaaS Cloud Computing Systems


Cloud computing provides a flexible and scalable information infrastructure to users, and it attracts a variety of customers. Unfortunately, Cloud Infrastructure as a Service has suffered security breaches. For this project we would download Afterglow through the DAVIX Live CD. It would pipe all steps into a simple command. We would combine Intrusion Detection Systems with Afterglow in order to detect and visualize all benign details of the data and to generate link graphs. We would identify the source IP, destination IP and destination port of each connection. Snort packet processing created sniff.pcap. To convert sniff.pcap to a CSV file we executed: tcpdump -vttttnneli eth0 > tcpdump.log | usr/local/bin/ "sip dip dport" < tcpdump.log > sniff.csv. This allowed us to select a number of possible fields to be written to the CSV output, including timestamp, destination IP, source IP and destination port.
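An added example (not part of the original project description, and not AfterGlow's or DAVIX's own code): a small Python parser that reduces tcpdump text output of the kind logged above to the sip,dip,dport CSV used as link-graph input. The log lines are constructed, and the names parse_flows, to_csv, sport and timestamp are assumptions made for illustration.

```python
import csv
import io
import re

# Constructed sample of `tcpdump -vttttnne` text output (not from the page).
# With -v an IPv4 packet spans two lines: timestamp and link header first,
# then an indented line carrying the addresses and ports.
SAMPLE_LOG = """\
2012-03-01 10:15:02.120001 00:16:3e:00:00:01 > 00:16:3e:00:00:02, ethertype IPv4 (0x0800), length 74: (tos 0x0, ttl 64, id 4211, offset 0, flags [DF], proto TCP (6), length 60)
    10.0.0.5.51234 > 10.0.0.9.22: Flags [S], cksum 0x1a2b (correct), seq 1, win 14600, length 0
2012-03-01 10:15:02.340002 00:16:3e:00:00:01 > 00:16:3e:00:00:02, ethertype IPv4 (0x0800), length 90: (tos 0x0, ttl 64, id 4212, offset 0, flags [none], proto UDP (17), length 76)
    10.0.0.5.40000 > 10.0.0.1.53: 4660+ A? example.test. (30)
2012-03-01 10:15:03.000003 00:16:3e:00:00:03 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42: Ethernet (len 6), IPv4 (len 4), Request who-has 10.0.0.9 tell 10.0.0.7, length 28
2012-03-01 10:15:04.000004 00:16:3e:00:00:01 > 00:16:3e:00:00:02, ethertype IPv4 (0x0800), length 98: (tos 0x0, ttl 64, id 4213, offset 0, flags [DF], proto ICMP (1), length 84)
    10.0.0.5 > 10.0.0.9: ICMP echo request, id 7, seq 1, length 64
"""

TS = re.compile(r"^(\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}\.\d+) ")
FLOW = re.compile(r"(\d{1,3}(?:\.\d{1,3}){3})\.(\d+) > (\d{1,3}(?:\.\d{1,3}){3})\.(\d+):")
FIELDS = ("timestamp", "sip", "sport", "dip", "dport")  # hypothetical field names


def parse_flows(log_text):
    """Yield one dict per TCP/UDP packet; ARP and ICMP have no port and are skipped."""
    timestamp = None
    for line in log_text.splitlines():
        ts = TS.match(line)
        if ts:
            timestamp = ts.group(1)  # header line; the flow may follow on the next line
        flow = FLOW.search(line)     # also matches single-line (non -v) output
        if flow:
            yield dict(zip(FIELDS, (timestamp,) + flow.groups()))


def to_csv(log_text, fields="sip dip dport"):
    """Return CSV text holding the selected fields, in the order given."""
    wanted = fields.split()
    unknown = [f for f in wanted if f not in FIELDS]
    if unknown:
        raise ValueError("unknown field(s): " + ", ".join(unknown))
    out = io.StringIO()
    writer = csv.writer(out, lineterminator="\n")
    for row in parse_flows(log_text):
        writer.writerow([row[f] for f in wanted])
    return out.getvalue()


if __name__ == "__main__":
    print(to_csv(SAMPLE_LOG), end="")
```

Packets without a port pair never reach the CSV, so ARP and ICMP activity has to be reviewed from the original log or the Snort alerts rather than from the link graph.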

Intellectual Merit

-To understand Snort packet processing and to use Afterglow to facilitate the process of generating link graphs and visualization.
-Snort and Afterglow provide overviews and detailed views of network traffic.

Broader Impact

-Combining Snort and Afterglow would help users to identify the benign details of all malicious attacks.

Use of FutureGrid

I will enjoy using FutureGrid for my research.

Scale Of Use

I want VMs to be running for my research activities.



Not yet.
Tofuli Baendo
University of Arkansas at Pine Bluff (UAPB)

