[{“box”:0,”content”:”n[if 992 equals=”Open Access”]n
n
Open Access
nn
n
n[/if 992]n
n
n
n
n
n
Garima Sharma, Ram Narayan
n
- n t
n
n
n[/foreach]
n
n[if 2099 not_equal=”Yes”]n
- [foreach 286] [if 1175 not_equal=””]n t
- Assistant Professor, Student Department of Computer Science and Engineering, The NorthCap University, Department of Computer Science and Engineering, The NorthCap University Haryana, Haryana India, India
n[/if 1175][/foreach]
n[/if 2099][if 2099 equals=”Yes”][/if 2099]n
Abstract
nIn the face of increasing cyber threats, this research paper presents Advanced Security Automation Program (ASAP) a revolutionary solution aimed at addressing modern cyber threats through the utilization of Artificial Intelligence (AI) and open-source technologies. Unlike conventional security systems like (SIEMs) Security Information and Event Management & (SOCs) Security Operations Centre, ASAP provides automated defense mechanisms that surpass their limitations by significantly increasing both the speed and accuracy of incident detection by 50% to 90% and incident response efficiency by 30% to 70% holistically at no-cost. By democratizing cybersecurity, ASAP enables organizations of all sizes and even individual systems to access robust protection without relying on expensive proprietary solutions. By integrating open-source tools and AI, ASAP enhances threat detection, simplifies incident response, and bolsters overall cybersecurity. The paper encourages collaboration by sharing not only ASAP’s architecture but also development insights with the open-source community. By adopting ASAP, organizations can proactively strengthen their defenses, mitigate cyber risks and ensure operational continuity in the face of ever-evolving cyber threat. Our research not only contributes to the field by proposing ASAP, but also identifies promising areas for future research such as integrating explainable AI techniques to increase user trust and understanding of ASAP’s decision-making processes.
n
Keywords: Cyber-Resilience, Open-source technologies, (ASAP) Advance Security Automation Program, (SIEM) Security Information and Event Management, (SOCs) Security Operations Centers.
n[if 424 equals=”Regular Issue”][This article belongs to Journal of Open Source Developments(joosd)]
n
n
n
n
n
nn[if 992 equals=”Open Access”] Full Text PDF Download[/if 992] n
nn[if 379 not_equal=””]n
Browse Figures
n
n[/if 379]n
References
n[if 1104 equals=””]n
- Moh, M., Pininti, S., Doddapaneni, S., Moh, T.-S.: Detecting web attacks using multi-stage log analysis. In: 2016 IEEE 6th International Conference on Advanced Computing (IACC), Bhimavaram, India, pp. 733–738 (2019)
- co: Elasticsearch Documentation (2019). https://www.elastic.co/guide/en/elasticsearch/reference/current/index.html
- Bassett, S., Paquette, M.: Improve Security Analytics with the Elastic Stack, Wazuh, and IDS. Elastic Blog, 01 April 2019. https://www.elastic.co/blog/improve-security-analytics- with-the-elastic-stack-wazuh-and-ids.
- Elastic.co: Filebeat Documentation (2019). https://www.elastic.co/guide/en/beats/filebeat/current/index.html.
- Elastic.co:KibanaGuide(2019).https://www.elastic.co/guide/en/kibana/current/index.html.
- Elastic.co: Logstash Documentation (2019). https://www.elastic.co/guide/en/logstash/current/index.html.
- Elastic.co: Metricbeat Documentation (2019). https://www.elastic.co/guide/en/beats/metricbeat/current/index.html.
- Secrepo.com: SecRepo – Security Data Samples Repository (2019). https://www.secrepo.com
- ModSecurity:OpenSourceWebApplicationFirewall(2019).https://www.modsecurity.org/ about.html.
- Combs,R.:Snort3.0withElasticsearch, Logstash, and Kibana(ELK)(2019).Blog.snort.org. https://blog.snort.org/2017/11/snort-30-with-elasticsearch-logstash.html.
- Kuc, R., Rogozinski, M.: Mastering Elasticsearch, 2nd edn. Packt Publishing Ltd., Birmingham (2015)
- Taylor, A.: Detect Beaconing with Flare, Elastic Stack, and Intrusion Detection Systems . Austin Taylor. http://www.austintaylor.io/detect/beaconing/intrusion/detection/system/command/control/flare/elastic/stack/2017/06/10/detect-beaconing-with-flare-elasticsearch-and-intrusion-detection-systems .
- Paquette, M.: Using Machine Learning and Elasticsearch for Security Analytics: A Deep Dive. Elastic Blog, 02 May 2019. https://www.elastic.co/blog/using-machine-learning-and- elasticsearch-for-security-analytics-deep-dive.
- Elastic.co: Suricata module: Filebeat Reference [master] (2019). https://www.elastic.co/guide/en/beats/filebeat/master/filebeat-module-suricata.html
nn[/if 1104][if 1104 not_equal=””]n
- [foreach 1102]n t
- [if 1106 equals=””], [/if 1106][if 1106 not_equal=””],[/if 1106]
n[/foreach]
n[/if 1104]
nn
nn[if 1114 equals=”Yes”]n
n[/if 1114]
n
n
n
| Volume | 11 | |
| [if 424 equals=”Regular Issue”]Issue[/if 424][if 424 equals=”Special Issue”]Special Issue[/if 424] [if 424 equals=”Conference”][/if 424] | 02 | |
| Received | April 9, 2024 | |
| Accepted | June 26, 2024 | |
| Published | June 29, 2024 |
n
n
n
n
n
n function myFunction2() {n var x = document.getElementById(“browsefigure”);n if (x.style.display === “block”) {n x.style.display = “none”;n }n else { x.style.display = “Block”; }n }n document.querySelector(“.prevBtn”).addEventListener(“click”, () => {n changeSlides(-1);n });n document.querySelector(“.nextBtn”).addEventListener(“click”, () => {n changeSlides(1);n });n var slideIndex = 1;n showSlides(slideIndex);n function changeSlides(n) {n showSlides((slideIndex += n));n }n function currentSlide(n) {n showSlides((slideIndex = n));n }n function showSlides(n) {n var i;n var slides = document.getElementsByClassName(“Slide”);n var dots = document.getElementsByClassName(“Navdot”);n if (n > slides.length) { slideIndex = 1; }n if (n (item.style.display = “none”));n Array.from(dots).forEach(n item => (item.className = item.className.replace(” selected”, “”))n );n slides[slideIndex – 1].style.display = “block”;n dots[slideIndex – 1].className += ” selected”;n }nn”}]
