International Research Journal of Innovations in Engineering and Technology - IRJIET International Open Access, Monthly, Peer Reviewed, Reputed Journal ISSN (online): 2581-3048

Impact Factor (2025): 6.9

DOI Prefix: 10.47001/IRJIET

Security Operation Center for Healthcare Sector

Abeysinghe A.M.S.B.Faculty of Computing, Sri Lanka Institute of Information Technology, Malabe, Sri LankaDe Zoysa M.T.R.Faculty of Computing, Sri Lanka Institute of Information Technology, Malabe, Sri LankaSamuditha K.M.Y.Faculty of Computing, Sri Lanka Institute of Information Technology, Malabe, Sri LankaDissanayake D.J.D.H.T.Faculty of Computing, Sri Lanka Institute of Information Technology, Malabe, Sri LankaKanishka YapaFaculty of Computing, Sri Lanka Institute of Information Technology, Malabe, Sri LankaUditha DharmkeerthiFaculty of Computing, Sri Lanka Institute of Information Technology, Malabe, Sri Lanka

Vol 7 No 11 (2023): Volume 7, Issue 11, November 2023 | Pages: 299-306

International Research Journal of Innovations in Engineering and Technology

OPEN ACCESS | Research Article | Published Date: 10-11-2023

doi Logo doi.org/10.47001/IRJIET/2023.711041

pdf iconFull Text PDF
Abstract

The rapid rise of cybersecurity threats has led to the development of advanced security operations centers (SOCs) that can identify and respond to cyber-attacks in real-time. This research aims to design and implement a next-generation automated SOC using an automated ELK stack, threat hunting, intelligence, MITRE attack framework, and HIPAA compliance. The system will be evaluated using real-world scenarios to assess its effectiveness in enhancing SOC operations and threat identification. The study predicts that the next-generation automated SOC with an ELK stack will significantly improve cybersecurity operations by providing real-time network activity visibility, identifying, and analyzing threats, and automating response activities. The findings will emphasize the importance of incorporating new technologies into SOC operations and the need for continuous monitoring and enhancement. The study recommends further research into the integration of the ELK stack into automated SOC operations for better threat identification and response.

Keywords

ELK, SOC, Kibana, Logstash, Automated MITRE Attack, Automated Threat Hunting, Automated Threat Intelligence, HIPAA Compliance, RBAC (Role Based Access Control), Machine Learning.


Citation of this Article

Abeysinghe A.M.S.B., De Zoysa M.T.R., Samuditha K.M.Y., Dissanayake D.J.D.H.T., Kanishka Yapa, Uditha Dharmkeerthi, “Security Operation Center for Healthcare Sector” Published in International Research Journal of Innovations in Engineering and Technology - IRJIET, Volume 7, Issue 11, pp 299-306, November 2023. Article DOI https://doi.org/10.47001/IRJIET/2023.711041

Licence Copyright (c) 2026 International Research Journal of Innovations in Engineering and Technology creative common licence This work is licensed under Creative common Attribution Non Commercial 4.0 Internation Licence
References
  1. “Implementing MITRE ATT&CK – Innovate Cybersecurity | Threat Advisory, News, and Events.” https://innovatecybersecurity.com/news/implementing-mitre-attack/ (accessed Mar. 20, 2023).
  2. R. Al-Shaer, J. M. Spring, and E. Christou, “Learning the Associations of MITRE ATT&CK Adversarial Techniques,” Apr. 2020, Accessed: Mar. 20, 2023. [Online]. Available: https://www.researchgate.net/publication/341149123_Learning_the_Associations_of _MITRE_ATTCK_Adversarial_Techniques 
  3. “Benefits of a Continuous SOC | Fortified Health Security.” https://fortifiedhealthsecurity.com/blog/how-a-continuous-soc-can-help-healthcarefacilities-avoid-data-loss/ (accessed Mar. 20, 2023). 
  4. “Basic Threat Hunting Using the MITRE ATT&K Framework.” https://www.linkedin.com/pulse/basic-threat-hunting-using-mitre-attk-frameworkalex-hardt (accessed Mar. 20, 2023).
  5. A.Adedoyin and H. Teymourlouei, “Methods for automating threat hunting and response,” in 2021 International Conference on Electrical, Computer and Energy Technologies (ICECET), 2021.
  6. M. Arafune et al., “Design and development of automated threat hunting in industrial control systems,” in 2022 IEEE International Conference on Pervasive Computing and Communications Workshops and other Affiliated Events (PerCom Workshops), 2022.
  7. A.J. Horta Neto and A. Fernandes Pereira dos Santos, “Cyber threat hunting through automated hypothesis and multi-criteria decision making,” in 2020 IEEE International Conference on Big Data (Big Data), 2020.
  8. S. Moza A L and Anupriya, “Automated threat hunting using ELK stack - A case study,” Indian J. Comput. Sci. Eng., vol. 10, no. 5, pp. 118–127, 2019.
  9. A.Yazdinejad, M. Kazemi, R. M. Parizi, A. Dehghantanha, and H. Karimipour, “An ensemble deep learning model for cyber threat hunting in industrial internet of things,” Digit. Commun. Netw., vol. 9, no. 1, pp. 101–110, 2023.
  10. M. Guarascio, N. Cassavia, F. S. Pisani, and G. Manco, “Boosting cyber-threat intelligence via collaborative intrusion detection,” Future Gener. Comput. Syst., vol. 135, pp. 30–43, 2022
  11. Z.-X. Li, Y.-J. Li, Y.-W. Liu, C. Liu, and N.-X. Zhou, “K-CTIAA: Automatic analysis of cyber threat intelligence based on a knowledge graph,” Symmetry (Basel), vol. 15, no. 2, p. 337, 2023
  12. K. M. Khan and Y. Bai, “Automatic verification of health regulatory compliance in cloud computing,” IEEE Xplore, Oct. 01, 2013. https://ieeexplore.ieee.org/abstract/document/6720770 (accessed Mar. 28, 2023).
  13. E. B. Sloane and C. C. Carey, “Using Standards to Automate Electronic Health Records (EHRs) and to Create Integrated Healthcare Enterprises,” IEEE Xplore, Aug. 01, 2007. https://ieeexplore.ieee.org/abstract/document/4353765/ (accessed Mar. 28, 2023).
  14. M. Zineddine, “Automated healthcare information privacy and security: UAE case,” IEEE Xplore, Dec. 01, 2011. https://ieeexplore.ieee.org/abstract/document/6148404 (accessed Mar. 28, 2023).
  15. A.Mahindrakar and K. P. Joshi, “Automating GDPR Compliance using Policy Integrated Blockchain,” 2020 IEEE 6th Intl Conference on Big Data Security on Cloud (BigDataSecurity), IEEE Intl Conference on High Performance and Smart Computing, (HPSC) and IEEE Intl Conference on Intelligent Data and Security (IDS), May 2020, doi: https://doi.org/10.1109/bigdatasecurity-hpsc-ids49724.2020.00026.

Copyright @ 2026 IRJIET. All Right Reserved.

Licensed underCreative Commons Attribution 4.0 International License.