CYBER SECURITY EVENT CLASSIFICATION USING HYBRID BELIEF RULE BASE MODEL IN OPEN SOURCE SECURITY INFORMATION AND EVENT MANAGEMENT (SIEM)

Bibliographic Details
Main Author: Arlingga, Yudha
Format: Theses
Language: Indonesia
Online Access: https://digilib.itb.ac.id/gdl/view/85921
Institution: Institut Teknologi Bandung
Description
Summary: The rapid development of information technology, especially the internet, has created threats to cyberspace. These varied threats have created the need to implement a cybersecurity system. Cyber threats have also triggered the issuance of several cybersecurity regulations, making that need even more urgent. Various sectors, including digital startups and the government, are required to comply immediately with regulations that include the implementation of a cybersecurity system. One way to protect cyberspace from threats and meet this need is to implement Security Information and Event Management (SIEM) technology, which is an important part of the cybersecurity system within the Cyber Security Operation Center (CSOC) framework and is in line with the NIST Cyber Security Framework and other regulations. However, adopting this technology has encountered several obstacles, namely cost and the growth in types of attacks, data, and devices. Paid technology tends to be relatively expensive. In addition, the sophistication of attacks and the amount of data generated by devices continue to increase, which requires a method to handle them as well. The solution offered is to implement an open source SIEM strengthened by Hybrid Belief Rule Based (HBRB) modeling, which is part of the expert system. This research has successfully designed, implemented, and documented an open source SIEM strengthened by HBRB modeling with the aim of classifying cyber security events. The results have been evaluated, and it is known that the implemented SIEM can be applied to real work environments.