FIISIEM

2025-06-28 16:27:14 - Adil Khan

Project Title

FIISIEM

Project Area of Specialization

Cyber Security

Project Summary

A SIEM system is required to handle the increased level of security and to analyze and manage centralized logs. SIEM systems were initially developed because the IT department of an organization was unable to deal with the large number of alerts generated by Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS). A SIEM is a solution that provides monitoring, detection and alerting of security events within an IT environment. SIEM analytics deliver real-time alerts, dashboards and reports to several critical and management units.
SIEM is important because it makes it easier for enterprises to manage security by filtering massive amounts of security data and prioritizing the security alerts that software generates. SIEM software enables an organization to detect data that may otherwise go undetected.
Our data will be used in the customization of an open source SIEM solution according to the needs of a particular organization.
Our project statement is that we are taking an open source SIEM solution and customizing it according to the attack pattern which will be provided by the organization we are working with (MiGo innovations).
The result that we anticipate at the end of the project is a customized open source SIEM solution.

Project Objectives

Our objective is to customize a SIEM solution that can detect in-memory malware attacks and is highly efficient and cost effective.

FIISIEM has the following properties:

Following are its applications:

Project Implementation Method

First of all, we configure a SIEM solution in a network to collect logs from different network devices such as firewalls, IDS and IPS. Then we customize it to detect in-memory malware attacks that can happen on the network. Logs are viewed in real time, and alerts are generated in case of an attack on the network.

Benefits of the Project

Our customized SIEM solution will help small organizations keep an eye on incoming threats very efficiently, and it is more cost friendly than the existing SIEM solutions, which cost a hefty amount. It is relatively cheaper than existing SIEM solutions like QRadar, Splunk Enterprise Security, OSSEC etc. It is also customized according to the needs of the organization to make it efficient.

Technical Details of Final Deliverable

Logs are generated and recorded in the form of events by the different network devices, i.e. firewalls, IPS/IDS, routers etc. Those logs are not easily readable by a layman, attacks are easy to carry out, and there is no real-time decision making involved. In this case a SIEM solution comes in handy: it collects all the logs from the network devices, applies a set of ground rules to the real-time logs, allows access accordingly, and generates a threat alarm in case an intrusion is made.

Final Deliverable of the Project

HW/SW integrated system

Core Industry

IT

Other Industries

Security

Core Technology

Artificial Intelligence (AI)

Other Technologies

Others

Sustainable Development Goals

Industry, Innovation and Infrastructure

Required Resources
Item Name           Type            No. of Units    Per Unit Cost (in Rs)    Total (in Rs)
Raspberry Pi        Equipment       2               24500                    49000
Raspberry Pi case   Equipment       1               2000                     2000
Internet            Miscellaneous   1               2000                     2000
Printing            Miscellaneous   1               5000                     5000
Traveling           Miscellaneous   1               3000                     3000
Total (in Rs)                                                                61000
