Published April 21, 2023 | Version v1
Journal article Open

Improving Network Security in Small and Medium-Sized Businesses through Log Analysis using ELK

Authors/Creators

  • 1. Post Graduate Student, Faculty of Computing, Sri Lanka Institute of Information Technology, Malabe, Sri Lanka

Description

Managing a company's security measures is a crucial responsibility. Today's security information and event management (SIEM) systems offer a straightforward way to detect and prevent cyber-attacks. Small firms cannot afford commercial SIEM solutions, and such solutions would not meet their performance expectations. To build a cost-free SIEM solution, this work relies on the ELK stack (an acronym for the three open-source projects Elasticsearch, Logstash and Kibana). Our findings suggest that, for typical activity, a more suitable SIEM solution can be beneficial from both a performance and a productivity standpoint.

Files

IMPROVING NETWORK SECURITY.pdf (357.6 kB), md5:4b017f2769d6a6d514dc55bfbd3eb56e
