Architecture of an integrated Java application for log analysis to detect computer attacks in information systems by responding to various security anomalies

Bibliographic Details
Main Authors: P. I. Sharikov, A. V. Krasov, A. V. Mayorovv
Format: Article
Language: Russian
Published: Dagestan State Technical University 2025-04-01
Series: Вестник Дагестанского государственного технического университета: Технические науки
Online Access: https://vestnik.dgtu.ru/jour/article/view/1709
Description
Summary: Objective. When integrating the ELK stack into an information system, it is necessary to have a duplicate Java application in a closed circuit for hidden anomaly processing. It is necessary to develop the architecture of a Java application for hidden integration with the information system. Method. The research used methods of analyzing information in information system logs, static analysis methods, programming for application development, and data processing algorithms. Result. An example of implementing the Elasticsearch stack for processing and storing logs is presented. Options for using Elasticsearch for anomaly analysis are considered, and an implementation of anomaly analysis using the official Elasticsearch library is proposed. The architecture of a Java application integrated into an information system for automated log analysis, which detects computer attacks or signals of their onset by searching for anomalies, is proposed. Variants of anomalies in information system logs are considered and actions for their detection are described. A generalized map of the Java application workflow is demonstrated. Conclusion. The architecture of a Java application implementing the analysis of logs of an information system for key anomalies has been developed.
ISSN: 2073-6185, 2542-095X