
An Integrated SIEM Approach for Real-Time Threat Detection and Log Analytics in Higher Education ERM Systems

Namratha KB, Shradha Hiremath, Abhiram Girish Naik, Sanjana N Patel, Sudarshana VD, Dr Prakash Kuppuswamy, Swathi A, Pawan Kumar NT

Abstract


Enterprise Resource Management (ERM) systems in modern higher education institutions increasingly handle data related to academics and administration, along with sensitive institutional information. As these systems grow in scale and functionality, they become more vulnerable to cybersecurity threats. This paper presents the design and implementation of a customized Security Information and Event Management (SIEM) solution developed specifically for an educational institution's ERM ecosystem. By centralizing and normalizing logs generated from student, faculty, and administrative portals, the proposed system allows real-time monitoring and analysis of system activities. The SIEM integrates rule-based mechanisms with machine learning models to detect anomalies, unauthorized access, privilege abuse, and abnormal user behavior. A dynamic and intuitive dashboard provides administrators with immediate visibility into security events, alerts, and emerging trends derived from collected log data. Logs are processed through classification and correlation engines to create accurate, high-confidence alerts. Experiments demonstrated improvements in the accuracy of anomaly detection, the efficiency of logging, and the reliability of alerting. In addition to strengthening security awareness and supporting compliance and auditing, the solution provides a cost-effective, scalable framework for safeguarding academic ERM systems.


