Journal of Cybersecurity and Information Management

Journal DOI

https://doi.org/10.54216/JCIM


ISSN (Online): 2690-6775 | ISSN (Print): 2769-7851

Volume 15, Issue 1, PP: 244-250, 2025 | Full Length Article

Analysis of Wazuh SIEM's Effectiveness in Cloud Security Monitoring

Wasan Saad Ahmed ¹ *, Ziyad Tariq Mustafa AL-Ta'I ²

  • 1 Computer Science Department, College of Science, University of Diyala, Diyala, Iraq - (wasan@uodiyala.edu.iq)
  • 2 Computer Science Department, College of Science, University of Diyala, Diyala, Iraq - (ziyad1964tariq@uodiyala.edu.iq)
  • Doi: https://doi.org/10.54216/JCIM.150119

    Received: April 13, 2024 Revised: June 11, 2024 Accepted: August 03, 2024
    Abstract

    In today's rapidly evolving and interconnected digital landscape, organizations are increasingly dependent on cloud-based infrastructure, which introduces significant cybersecurity challenges due to escalating cyber threats and attacks. To manage these threats effectively, a central monitoring system is essential. Security Information and Event Management (SIEM) solutions address this need by providing real-time monitoring and analysis of security events. This research investigates the efficiency of the Wazuh SIEM system in monitoring AWS cloud services, EC2 instances, and file integrity. Wazuh automates the collection, centralization, and analysis of security events. This approach enables the detection of unauthorized activities, monitoring of file integrity, and collection of user activity logs in real time. This study evaluates Wazuh SIEM's capabilities by executing different types of attacks in an AWS cloud environment. The result was that it generated 1774 security alerts within one week. The findings demonstrate that Wazuh SIEM provides comprehensive security monitoring and threat detection, offering significant advantages for the security of organizations that use cloud services.

    Keywords:

    Cloud Computing, Cloud Monitoring, Wazuh, Network Security, Security Information


    Cite This Article As:
    Saad, Wasan, Tariq, Ziyad. Analysis of Wazuh SIEM's Effectiveness in Cloud Security Monitoring. Journal of Cybersecurity and Information Management, vol. 15, no. 1, 2025, pp. 244-250. DOI: https://doi.org/10.54216/JCIM.150119