IMPROVING NETWORK SECURITY IN SMALL AND MEDIUM-SIZED BUSINESSES THROUGH LOG ANALYSIS USING ELK
Abstract
Managing a company's security measures is a crucial responsibility. Today's security information and event management (SIEM) systems offer a straightforward method for detecting and preventing cyberattacks. Small firms, however, cannot afford commercial SIEM solutions, and their performance expectations would not be met by them. To build a cost-free SIEM solution, this work provides support for the ELK stack (an acronym for three open-source projects). Our findings suggest that, for a typical workload, choosing a more suitable SIEM solution may be beneficial from both a performance and a productivity standpoint.