
Network Security Enhancement through Effective Log Analysis using ELK for Small and Medium-Sized Business Environments

G.L.D. Maduranga

Abstract


Security management is a critical activity for any organization. Modern security information and event management (SIEM) systems provide a direct approach to identifying and preventing cyber-attacks. Commercial SIEM solutions are considerably expensive, and small-scale companies will not achieve the expected performance from them. This work integrates Elasticsearch, Logstash and Kibana (the ELK stack, an acronym for the three open-source projects) to develop a free SIEM solution. Hence, this research suggests that applying a more specific SIEM solution to regular operations could be advantageous in terms of performance and productivity.




