Garima Sharma, Assistant Professor, Department of Computer Science and Engineering, The NorthCap University, Haryana, India
Ram Narayan, Student, Department of Computer Science and Engineering, The NorthCap University, Haryana, India
Abstract
In the face of increasing cyber threats, this work presents the Advanced Security Automation Program (ASAP), a solution aimed at addressing modern cyber threats through the use of artificial intelligence (AI) and open-source technologies. Unlike conventional security systems such as security information and event management (SIEM) and the security operations center (SOC), ASAP provides automated defense mechanisms that go beyond their limitations, increasing both the speed and accuracy of incident detection by 50% to 90% and incident response efficiency by 30% to 70%, at no cost. By democratizing cybersecurity, ASAP enables organizations of all sizes, and even individual systems, to obtain robust protection without relying on expensive proprietary solutions. By integrating open-source tools and AI, ASAP enhances threat detection, simplifies incident response, and strengthens overall cybersecurity. The paper encourages collaboration by sharing not only ASAP’s architecture but also development insights with the open-source community. By adopting ASAP, organizations can proactively strengthen their defenses, mitigate cyber risks, and ensure operational continuity in the face of ever-evolving cyber threats. Our study not only contributes to the field by proposing ASAP but also identifies promising areas for future research, such as integrating explainable AI techniques to increase user trust in and understanding of ASAP’s decision-making processes.
Keywords: Cyber-resilience, open-source technologies, advance security automation program (ASAP), security information and event management (SIEM), security operations center (SOC)
[This article belongs to Journal of Open Source Developments(joosd)]
AI-Driven Cybersecurity: Enhancing System Resilience with Advance Security Automation Program (ASAP). Journal of Open Source Developments. 2024; 11(02):1-19. Available from: https://journals.stmjournals.com/joosd/article=2024/view=152537
Journal of Open Source Developments

| Field | Value |
| --- | --- |
| Volume | 11 |
| Issue | 02 |
| Received | April 9, 2024 |
| Accepted | April 26, 2024 |
| Published | June 29, 2024 |