Security Operation Center for Healthcare Sector

Abstract

The rapid rise of cybersecurity threats has driven the development of advanced security operations centers (SOCs) that can identify and respond to cyber-attacks in real time. This research aims to design and implement a next-generation automated SOC built on an automated ELK (Elasticsearch, Logstash, Kibana) stack, threat hunting, threat intelligence, the MITRE ATT&CK framework, and HIPAA compliance. The system will be evaluated against real-world scenarios to assess its effectiveness in enhancing SOC operations and threat identification. The study predicts that the next-generation automated SOC with an ELK stack will significantly improve cybersecurity operations by providing real-time visibility into network activity, identifying and analyzing threats, and automating response activities. The findings will emphasize the importance of incorporating new technologies into SOC operations and the need for continuous monitoring and enhancement. The study recommends further research into the integration of the ELK stack into automated SOC operations for better threat identification and response.
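As an added example, not code from the paper, the following Python shows the kind of hunting rule an ELK-based SOC of the sort described above would run over Elastic Common Schema (ECS) events: it detects a burst of failed logons followed by a success from the same source (MITRE ATT&CK technique T1110 Brute Force, tactic TA0006 Credential Access), tags the alert with the technique, and derives an automated response, escalating when the target host is labelled as holding ePHI. The sample events, the `labels.data_class` host label, the rule name, the thresholds and the response action names are all constructed assumptions for illustration.

```python
"""Added example (not the paper's code): offline ECS hunting rule with
ATT&CK tagging and automated response. Events are constructed; the
labels.data_class field, thresholds and action names are assumptions."""
import json
from datetime import datetime, timedelta, timezone

# ATT&CK mapping for the pattern this rule detects (real IDs).
ATTACK_BRUTE_FORCE = {"tactic": "TA0006", "technique": "T1110"}


def _auth_event(ts, outcome, ip, user, host, data_class):
    """Build one ECS-style authentication document (constructed sample)."""
    return {
        "@timestamp": ts,
        "event": {"category": "authentication", "outcome": outcome},
        "source": {"ip": ip},
        "user": {"name": user},
        "host": {"name": host},
        # Assumed custom label marking hosts that store ePHI (HIPAA scope).
        "labels": {"data_class": data_class},
    }


def _iso(d):
    return d.strftime("%Y-%m-%dT%H:%M:%SZ")


def sample_events():
    """Constructed JSON lines: one spray against an EHR host, one benign case."""
    base = datetime(2023, 11, 1, 8, 0, 0, tzinfo=timezone.utc)
    ev = [_auth_event(_iso(base + timedelta(seconds=5 * i)), "failure",
                      "10.0.0.5", "jdoe", "ehr-app-01", "phi") for i in range(8)]
    ev.append(_auth_event(_iso(base + timedelta(seconds=45)), "success",
                          "10.0.0.5", "jdoe", "ehr-app-01", "phi"))
    # Benign: an old failure outside the window, one recent typo, then success.
    ev.append(_auth_event(_iso(base - timedelta(minutes=10)), "failure",
                          "10.0.0.9", "asmith", "print-srv", "none"))
    ev.append(_auth_event(_iso(base), "failure",
                          "10.0.0.9", "asmith", "print-srv", "none"))
    ev.append(_auth_event(_iso(base + timedelta(seconds=20)), "success",
                          "10.0.0.9", "asmith", "print-srv", "none"))
    return [json.dumps(e) for e in ev]


def _ts(doc):
    return datetime.strptime(doc["@timestamp"], "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)


def hunt_brute_force(lines, threshold=5, window=timedelta(seconds=60)):
    """Return one alert per successful logon preceded by at least `threshold`
    failures from the same source.ip and user.name within `window`.
    Equivalent in spirit to an EQL sequence query, but runs offline."""
    docs = sorted((json.loads(l) for l in lines if l.strip()), key=_ts)
    docs = [d for d in docs if d.get("event", {}).get("category") == "authentication"]
    alerts = []
    for i, d in enumerate(docs):
        if d["event"]["outcome"] != "success":
            continue
        t_ok = _ts(d)
        key = (d["source"]["ip"], d["user"]["name"])
        fails = [p for p in docs[:i]
                 if p["event"]["outcome"] == "failure"
                 and (p["source"]["ip"], p["user"]["name"]) == key
                 and t_ok - _ts(p) <= window]
        if len(fails) >= threshold:
            phi = d.get("labels", {}).get("data_class") == "phi"
            alerts.append({
                "rule": "auth_failures_then_success",
                "attack": dict(ATTACK_BRUTE_FORCE),
                "source_ip": key[0], "user": key[1], "host": d["host"]["name"],
                "failures": len(fails),
                "phi_in_scope": phi,
                "severity": "high" if phi else "medium",
            })
    return alerts


def automate_response(alert):
    """Derive playbook actions from an alert. Action names are assumptions;
    a real SOAR step would call the firewall and identity-provider APIs."""
    actions = [
        {"action": "block_source_ip", "target": alert["source_ip"]},
        {"action": "force_password_reset", "target": alert["user"]},
    ]
    if alert["phi_in_scope"]:
        # A compromised account on an ePHI system must be assessed under the
        # HIPAA Breach Notification Rule (45 CFR 164.400-414); the audit logs
        # kept under 45 CFR 164.312(b) are the evidence for that assessment.
        actions.append({"action": "open_breach_assessment",
                        "target": alert["host"],
                        "attack": alert["attack"]["technique"]})
    return actions


if __name__ == "__main__":
    for a in hunt_brute_force(sample_events()):
        print(json.dumps(a))
        print(json.dumps(automate_response(a)))
```

The benign case is included deliberately: a failure older than the window must not count, and fewer than `threshold` recent failures must not alert, otherwise the rule pages on every mistyped password in a hospital shift change.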

Country: Sri Lanka

Abeysinghe A.M.S.B.¹, De Zoysa M.T.R.², Samuditha K.M.Y.³, Dissanayake D.J.D.H.T.⁴, Kanishka Yapa⁵, Uditha Dharmkeerthi⁶

  1. Faculty of Computing, Sri Lanka Institute of Information Technology, Malabe, Sri Lanka
  2. Faculty of Computing, Sri Lanka Institute of Information Technology, Malabe, Sri Lanka
  3. Faculty of Computing, Sri Lanka Institute of Information Technology, Malabe, Sri Lanka
  4. Faculty of Computing, Sri Lanka Institute of Information Technology, Malabe, Sri Lanka
  5. Faculty of Computing, Sri Lanka Institute of Information Technology, Malabe, Sri Lanka
  6. Faculty of Computing, Sri Lanka Institute of Information Technology, Malabe, Sri Lanka

IRJIET, Volume 7, Issue 11, November 2023 pp. 299-306

doi.org/10.47001/IRJIET/2023.711041
