Abstract
Information Technology (IT), meaning the use of computers, networks and physical devices to create, exchange and handle electronic data, is now widely adopted in business and organizations. Cyber-attacks are one major threat to IT-based systems and networks. A successful attack can cause a major business loss, so every organisation has its own information security measures. Among them, logging and monitoring is one important security measure to protect an organization from threats. In particular, threat hunting is a significant approach to identifying intruders. In this paper, our purpose is to study how well the Elastic Stack tool can be used in threat hunting and to compare it with four similar tools. It is found that the Elastic Stack tool can be effective in detecting threats and security events as well as cost-efficient when implemented in a large-scale environment.
| Field | Value |
|---|---|
| Original language | English |
| Title of host publication | Proceedings of 2021 IEEE International Conference on Service Operations and Logistics, and Informatics |
| Number of pages | 6 |
| Publisher | IEEE |
| Publication date | 2021 |
| Pages | 1-6 |
| ISBN (Print) | 978-1-6654-6723-0 |
| DOIs | |
| Publication status | Published - 2021 |
| Event | 2021 IEEE International Conference on Service Operations and Logistics, and Informatics; Virtual event, Singapore; Duration: 11 Dec 2021 → 12 Dec 2021; Conference number: 15; https://ieeexplore.ieee.org/xpl/conhome/9672320/proceeding |
Conference
| Field | Value |
|---|---|
| Conference | 2021 IEEE International Conference on Service Operations and Logistics, and Informatics |
| Number | 15 |
| Location | Virtual event |
| Country/Territory | Singapore |
| Period | 11/12/2021 → 12/12/2021 |
| Internet address | |
Keywords
- Elastic Stack
- Log Analysis
- Threat Hunting
- Attack Recreation
- Log Monitoring
- IT Security