http://dx.doi.org/10.9728/dcs.2018.19.1.181

Security Operation Implementation through Big Data Analysis by Using Open Source ELK Stack  

Hyun, Jeong-Hoon (Department of Big Data Application and Security, Korea University)
Kim, Hyoung-Joong (Department of Big Data Application and Security, Korea University)
Publication Information
Journal of Digital Contents Society, Vol. 19, No. 1, 2018, pp. 181-191
Abstract
With the development of IT, hacking crimes are becoming more intelligent and refined. For emergency response, big data analysis in information security means deriving problems such as abnormal behavior by collecting, storing, analyzing and visualizing the whole log, including the normal log, generated by various information protection systems. By using the full log data, including data that has previously been overlooked, we seek to detect and respond to the abnormal signs of a cyber attack from its early stage. We used the open-source ELK Stack to analyze big data, such as the unstructured data that occur in information protection systems, terminals and servers. With this technology, it is possible to build an information security control system optimized for the business environment using an organization's own staff and technology. It is not necessary to rely on a high-cost data analysis solution, and it is possible to accumulate technologies for defending against cyber attacks by implementing the protection control system directly with one's own manpower.
Keywords
Emergency Response; Unstructured; Visualize; Open-source; ELK Stack;
Citations & Related Records
Times Cited By KSCI: 5