Institutional Repository [SANDBOX]
Technical University of Crete
EN  |  EL

Search

Browse

My Space

Deployment, testing, evaluation, and improvement of the HELK open source system for SOCs (Security Operations Centers) supporting the SME sector

Skantzis Dionysios

Full record


URI: http://purl.tuc.gr/dl/dias/3C7A4D5E-9993-46F7-B780-D71D56910AD5
Year 2024
Type of Item Diploma Work
License
Details
Bibliographic Citation Dionysios Skantzis, "Deployment, testing, evaluation, and improvement of the HELK open source system for SOCs (Security Operations Centers) supporting the SME sector", Diploma Work, School of Electrical and Computer Engineering, Technical University of Crete, Chania, Greece, 2024 https://doi.org/10.26233/heallink.tuc.99745
Appears in Collections

Summary

In an era marked by escalating cyber threats and an increasingly interconnected digital landscape, the need for robust cybersecurity measures is paramount. Small and medium-sized enterprises (SMEs), often constrained by budgetary considerations, face the challenge of securing their digital infrastructure effectively. This thesis embarks on a comprehensive exploration of the feasibility and practicality of SMEs adopting an open-source SIEM system known as HELK (Hunting ELK). The study delves into every facet of deploying, installing, and configuring HELK, creating a roadmap accessible to businesses of varying technical proficiencies. Moreover, it elucidates the intricate processes involved in configuring a Windows Host to seamlessly transmit logs to the HELK SIEM. A thorough analysis of HELK's inner workings is undertaken, followed by a rigorous evaluation of its efficacy in detecting simulated cyberattacks. By subjecting the SIEM to a series of carefully orchestrated attacks, this research assesses its ability to identify and mitigate threats. The findings shed light on HELK's strengths and weaknesses, offering insights into potential enhancements. In light of the above, this thesis endeavours to address a critical question: can SMEs rely on the open-source HELK SIEM as a cost-effective alternative to commercial counterparts? By navigating the intricacies of SIEM deployment, testing its performance, and scrutinizing its practicality, this research provides valuable guidance to SMEs seeking comprehensive yet budget-conscious cybersecurity solutions.

Available Files

Services

Statistics