Monitoring dan Evaluasi Keamanan Jaringan Dengan Pendekatan System Information and Security Management (SIEM)

Muhamad Ramli(1*), Benfano Soewito(2)

(1) 
(2) 
(*) Corresponding Author

Abstract


Every system produces independent logs. This makes monitoring logs difficult if not done centrally. The research objective is to monitor and evaluate network security using open source-based Security Information and Event Management (SIEM). The research methods include literature studies, SIEM review, observation at the Data and Information System Center (PDSI), simulation of Open Source SIEM implementation by combining devices in real and GNS3 simulation networks, SIEM deployment using Docker, and the final stage of SIEM application evaluation. The implemented SIEM is able to fulfill 84% of the initial requirements. SIEM integrated with Pfsense firewall and Suricata-Intrusion Prevention System (IPS). Monitoring and evaluation features such as detection and alerting, analysis and investigation, compliance and audit, integration and interoperability, monitoring and reporting, support, and maintenance are important parts of SIEM.

References


I. Anastasov and D. Davcev, "SIEM Implementation for Global and Distributed Environment," in 2014 World Congress on Computer Applications and Information Systems (WCCAIS), Hammamet, 2014.

J. W. W. Qingrong, X. Z. S. Zhu, K. K. E. Guo and C. L. M. Lu, "Light SIEM for Semiconductor Industry," in 2017 IEEE International Conference on Industrial Engineering and Engineering Management (IEEM),, Singapore, 2017.

K. Dekten, T. Rix, C. Keiner, B. Hellmann and L. Renners, "SIEM Approach for a Higher Level of IT Security in Enterprise Networks," in 2015 The 8th IEEE International Conference on Intelligent Data Acquisition and Advanced Computing Systems: Technology and Applications (IDAACS), Warsaw, 2015.

A. Vazão, L. Santos, M. B. Piedade and C. Rabadão, "SIEM Open Source Solutions: a Comparative Study," in 2019 14th Iberian Conference on Information Systems and Technologies (CISTI), Coimbra, 2019.

R. Leszczyna and M. R. Wróbel, "Evaluation of Open Source SIEM for Situation Awareness Platform in the Smart Grid Environment," in 2017 IEEE International Conference on Industrial Engineering and Engineering Management (IEEM), Singapore, 2017.

A. Serckumecka, I. Medeiros and A. Bessani, "Low-cost Serverless SIEM in the Cloud," in 2019 38th Symposium on Reliable Distributed Systems (SRDS), Lyon, 2019.

H. Mokalled, R. Catelli, . V. Casola, D. Debertol, E. Meda and R. Zunino, "The applicability of a SIEM solution: Requirements and Evaluation," in 2019 IEEE 28th International Conference on Enabling Technologies: Infrastructure for Collaborative Enterprises (WETICE), Napoly, 2019.

K.-O. Dekten, M. Jahnke, C. Kleiner and M. Rohde, "Combining Network Access Control (NAC) and SIEM Functionality based on Open Source," in 2017 9th IEEE International Conference on Intelligent Data Acquisition and Advanced Computing Systems: Technology and Applications (IDAACS), Bucharest, 2017.




DOI: http://dx.doi.org/10.30998/faktorexacta.v16i1.16534

Refbacks

  • There are currently no refbacks.




Creative Commons License
This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.

template doaj grammarly tools mendeley crossref SINTA sinta faktor exacta   Garuda Garuda Garuda Garuda Creative Commons License
This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.

Flag Counter

site
stats View Faktor Exacta Stats


pkp index