Title/Summary/Keyword: ELK Stack

Enhancement of Internal Network Security in Small Networks Using UTM and ELK Stack (UTM과 ELK Stack을 활용한 소규모 네트워크의 내부망 보안 강화방안)

  • Song Ha Min;DongHwi Lee
    • Convergence Security Journal / v.24 no.1 / pp.3-9 / 2024
  • Currently, cyberattacks and security threats are constantly evolving, and organizations need quick and efficient security response methods. This paper proposes ways to strengthen internal network security by utilizing Unified Threat Management (UTM) equipment to improve network security and effectively manage and analyze the log data of the internal network collected through these equipment using Elastic Stack (Elasticsearch, Logstash, Kibana, hereinafter referred to as ELK Stack).

Detecting SQL Injection Logs Leveraging ELK Stack (ELK Stack을 활용한 SQL Injection 로그 탐지)

  • Min, Song-ha;Yu, Hyun-jae;Lim, Moon-ju;Kim, Jong-min
    • Proceedings of the Korean Institute of Information and Communication Sciences Conference / 2022.10a / pp.337-340 / 2022
  • SQL Injection attacks are one of the older attack techniques and remain the dominant type of hacking attempt against web services. Many SQL injection attempts aim to expose data or obtain privileges. In this paper, we implement a log analysis system that can respond to SQL injection attacks in real time using the open source ELK Stack. By visualizing SQL injection attack log data through the implemented system, we expect users to be able to easily grasp the degree of attack risk and quickly prepare for attacks.

EDR platform construction using ELK Stack and Sysmon (ELK Stack과 Sysmon을 이용한 EDR 플랫폼 연구)

  • Shin, Hyun-chang;Kong, Seung-Jun;Oh, Myung-ho;Lee, Dong-hwi
    • Proceedings of the Korean Institute of Information and Communication Sciences Conference / 2022.10a / pp.333-336 / 2022
  • With the development of IT technology, cybercrime is becoming sophisticated and intelligent. In particular, in the case of a backdoor used in an APT (Advanced Persistent Threat) attack, it is very important to detect malicious behavior and respond to the intrusion, because the victim is often unaware that it has been compromised by an attacker. This paper aims to build an EDR platform that can monitor, analyze, and respond to malicious behavior in real time by collecting, storing, analyzing, and visualizing logs from an endpoint environment in real time using the open source analysis solutions ELK Stack and Sysmon.

Supply chain attack detection technology using ELK stack and Sysmon (ELK 스택과 Sysmon을 활용한 공급망 공격 탐지 기법)

  • hyun-chang Shin;myung-ho Oh;seung-jun Gong;jong-min Kim
    • Convergence Security Journal / v.22 no.3 / pp.13-18 / 2022
  • With the rapid development of IT technology, integration with existing industries has led to an increase in smart manufacturing, which simplifies processes and increases productivity based on 4th industrial revolution technology. Security threats are also increasing. Supply chain attacks are difficult to detect in advance and the scale of the damage is extremely large, so they have emerged as next-generation security threats, and research into detection technology is necessary. Therefore, in this paper, we collect, store, analyze, and visualize logs from multiple environments in real time using ELK Stack and Sysmon, which are open source analysis solutions, to derive information such as abnormal behavior related to supply chain attacks, and aim to provide an efficient and effective detection method.

Security Operation Implementation through Big Data Analysis by Using Open Source ELK Stack (오픈소스 ELK Stack 활용 정보보호 빅데이터 분석을 통한 보안관제 구현)

  • Hyun, Jeong-Hoon;Kim, Hyoung-Joong
    • Journal of Digital Contents Society / v.19 no.1 / pp.181-191 / 2018
  • With the development of IT, hacking crimes are becoming intelligent and refined. In emergency response, big data analysis for information security derives problems such as abnormal behavior by collecting, storing, analyzing and visualizing all logs, including normal logs, generated by the various information protection systems. By using the full log data, including data that has previously been overlooked, we seek to detect and respond to the abnormal signs of a cyber attack from its early stage. We used the open-source ELK Stack technology to analyze big data, such as the unstructured data generated by information protection systems, terminals and servers. With this technology, an organization can build an information security control system optimized for its business environment using its own staff and technology. It is not necessary to rely on a high-cost data analysis solution, and it is possible to accumulate the technology needed to defend against cyber attacks by implementing the protection control system directly with in-house manpower.

ELK Stack-Based Port Air Pollution Integrated Monitoring System (ELK Stack 기반 항만 대기오염 통합 모니터링 시스템)

  • Jeon, Su-Hyeon;Kim, Jong-Won;Park, Ju-Hyeon;Woo, Ja-Young;Kim, Jeong-Min
    • Proceedings of the Korea Information Processing Society Conference / 2021.11a / pp.1357-1360 / 2021
  • Air pollution is a problem that continues to come to the fore in our society today. Ports, too, need measures to address the emission of air pollutants. Therefore, using software built on the ELK-Stack and hardware built with Arduino, we analyze port air quality and visualize pollution levels, providing a basis for raising awareness among port stakeholders. In addition, through this project we aim to contribute to the government's policy of creating eco-friendly ports.

Visualization Service Construction of Firewall, IPS for Intrusion Detection Areas (방화벽, 침입탐지 분야에 대한 보안관제의 시각화 서비스 구축)

  • Yun, Seong Yeol;Kim, Jeong Ho
    • Proceedings of the Korea Contents Association Conference / 2019.05a / pp.331-332 / 2019
  • As the need for log analysis solutions has grown, not only public institutions but also private companies are rushing to adopt log analysis solutions and build security operations centers. However, the cost itself is considerable, so institutions and companies with insufficient budgets have not yet been able to adopt them. This study presents a method for building a security operations center using open source. A log analysis system was built using the ELK Stack. The search speed and log data visualization performance of the ELK Stack were comparable to those of Splunk, which holds the largest market share. In addition, because open source is used, the detection technology of security operations can be further upgraded through technology sharing between companies.

A Decision Support Model for Intelligent Facility Management through the Digital Transformation

  • Lee, Junsoo;Kim, Kang Hyun;Cha, Seung Hyun;Koo, Choongwan
    • International conference on construction engineering and project management / 2020.12a / pp.485-492 / 2020
  • Information on the energy consumption of buildings that can be obtained through conventional methods is limited. Therefore, this study aims to develop a model that can support decision making about building facility management through digital transformation technologies. Through IoT sensors, the building's energy data and indoor air quality data are collected, and the monitored data is visualized through the ELK Stack and produced as a dashboard. In addition, the target building is photographed with a 360-degree camera and mapped using a tool to create a 360-degree tour. Using such digital transformation technologies, users of buildings can obtain various information in real time without visiting the buildings directly. This can lead to changes in behavior regarding building management, supporting facility management decisions and consequently reducing building energy consumption.

The Study of Opto-electric Properties in EL Device with PMN Dielectric Layer (PMN 계 유전체 적용 EL 소자의 광전특성 연구)

  • Kum, Jeong-Hun;Han, Da-Sol;Ahn, Sung-Il;Lee, Seong-Eui
    • Journal of the Korean Institute of Electrical and Electronic Material Engineers / v.22 no.9 / pp.776-780 / 2009
  • In this study, the opto-electric properties of EL devices with a PMN dielectric layer were investigated as a function of firing temperature. For the PMN dielectric layer process, the paste was prepared by optimizing the quantitative mixing of PMN powder, $BaTiO_3$, glass frit, $\alpha$-terpineol and ethyl cellulose. The EL device stack consists of an alumina substrate ($Al_2O_3$), a metallic electrode (Au), an insulating layer (the manufactured PMN paste), a phosphor layer (ELPP-030, ELK) and a transparent electrode (ITO), which is the typical structure of a thick film EL device. The phase transformation properties of the PMN dielectric at firing temperatures from $150^{\circ}C$ to $850^{\circ}C$ were characterized by XRD. The opto-electric properties of EL devices fired at different temperatures were also investigated with an LCR meter and a spectrometer. We found that the best opto-electric property was obtained with $550^{\circ}C$ firing, namely 3432.96 $cd/m^2$ at 1948.3 pF capacitance, 40 kHz frequency, 40% duty and Vth+330 V voltage.

Auto Configuration Module for Logstash in Elasticsearch Ecosystem

  • Ahmed, Hammad;Park, Yoosang;Choi, Jongsun;Choi, Jaeyoung
    • Proceedings of the Korea Information Processing Society Conference / 2018.10a / pp.39-42 / 2018
  • Log analysis and monitoring are of significant importance in most systems. Log management is of core importance in distributed applications, cloud-based applications, and applications designed for big data. These applications produce a large number of log files containing essential information, which can be used for log analytics to understand the relevant patterns in varying log data. However, tools are needed for parsing, storing, and visualizing this log information. "Elasticsearch, Logstash, and Kibana" (ELK Stack) is one of the most popular analysis tools for log management. For the ingestion of log files, configuration files are of key importance, as they cover all the services needed to input, process, and output the log files. However, creating configuration files is often complicated and time consuming, as it requires domain expertise and manual creation. In this paper, an auto configuration module for Logstash is proposed which aims to automatically generate the configuration files for Logstash. The primary purpose of this paper is to provide a mechanism that can be used to auto-generate the configuration files for the corresponding log files in less time. The proposed module aims to improve the overall efficiency of the log management system.