Real-time Defense Against Cyber Threats: Analyzing Wazuh's Effectiveness in Server Monitoring
As cloud computing grows exponentially, organizations face escalating cybersecurity challenges due to increased cyber threats and attacks on cloud-based networks. Monitoring cloud servers is one action that can be taken to improve the security. This can be done with the help of various server monit...
Main Authors: | Alde Alanda, H.A Mooduto, Ronal Hadi |
---|---|
Format: | Article |
Language: | English |
Published: | Andalas University, 2023-09-01 |
Series: | JITCE (Journal of Information Technology and Computer Engineering) |
Subjects: | Network Monitoring, Security Detection, SIEM, Wazuh |
Online Access: | http://10.250.30.20/index.php/JITCE/article/view/210 |
_version_ | 1823864557373751296 |
---|---|
author | Alde Alanda; H.A Mooduto; Ronal Hadi |
collection | DOAJ |
description | As cloud computing grows exponentially, organizations face escalating cybersecurity challenges due to increased cyber threats and attacks on cloud-based networks. Monitoring cloud servers is one action that can be taken to improve the security. This can be done with the help of various server monitoring tools, such as Wazuh. The study investigates Wazuh's effectiveness in real-time monitoring of three AWS EC2 instance-based cloud servers. Wazuh's capabilities such as log data collection, malware detection, active response automation, and Docker container monitoring, are examined. The research reveals detailed insights into user activities, web server access, and database operations. Wazuh proves adept at tracking file integrity, detecting malware, and responding actively, as evidenced by the 342 alerts generated during a 24-hour monitoring period. The result shows that Wazuh is a particularly effective tool for protecting cloud environments from cyberattacks because it provides quick and ongoing security monitoring, which is essential for securing intricate cloud infrastructures. |
format | Article |
id | doaj-art-2905ddcd30264b55a26ec71d588d767c |
institution | Kabale University |
issn | 2599-1663 |
language | English |
publishDate | 2023-09-01 |
publisher | Andalas University |
record_format | Article |
series | JITCE (Journal of Information Technology and Computer Engineering) |
spelling | doaj-art-2905ddcd30264b55a26ec71d588d767c; 2025-02-08T21:26:02Z; eng; Andalas University; JITCE (Journal of Information Technology and Computer Engineering); 2599-1663; 2023-09-01; 7; 2; 10.25077/jitce.7.2.56-62.2023; Real-time Defense Against Cyber Threats: Analyzing Wazuh's Effectiveness in Server Monitoring; Alde Alanda 0; H.A Mooduto 1; Ronal Hadi 2; Politeknik Negeri Padang; Politeknik Negeri Padang; Politeknik Negeri Padang; As cloud computing grows exponentially, organizations face escalating cybersecurity challenges due to increased cyber threats and attacks on cloud-based networks. Monitoring cloud servers is one action that can be taken to improve the security. This can be done with the help of various server monitoring tools, such as Wazuh. The study investigates Wazuh's effectiveness in real-time monitoring of three AWS EC2 instance-based cloud servers. Wazuh's capabilities such as log data collection, malware detection, active response automation, and Docker container monitoring, are examined. The research reveals detailed insights into user activities, web server access, and database operations. Wazuh proves adept at tracking file integrity, detecting malware, and responding actively, as evidenced by the 342 alerts generated during a 24-hour monitoring period. The result shows that Wazuh is a particularly effective tool for protecting cloud environments from cyberattacks because it provides quick and ongoing security monitoring, which is essential for securing intricate cloud infrastructures.; http://10.250.30.20/index.php/JITCE/article/view/210; Network Monitoring; Security Detection; SIEM; Wazuh |
title | Real-time Defense Against Cyber Threats: Analyzing Wazuh's Effectiveness in Server Monitoring |
topic | Network Monitoring; Security Detection; SIEM; Wazuh |
url | http://10.250.30.20/index.php/JITCE/article/view/210 |