Date of Award

Summer 2020

Document Type

Thesis

Degree Name

Master of Science (MS)

Department

Computer Science

Program

Computing

First Advisor

Kaczmarek, Thomas

Second Advisor

Perouli, Debbie

Third Advisor

Zimmer, Michael

Abstract

Increased cyber-attacks on IT infrastructure are a grave concern for organizations. Cyber defense and cyber threat remediation have become the topmost priority of organizations. This thesis explains the core concepts of SIEM, UEBA, SOAR and SOC (SUSS) and describes an experimental solution that was applied to the MSCS 6560 lab computers for real-time cyber threat detection and remediation. To test and validate the SUSS concepts, these technologies were successfully applied to a small lab environment in the MSCS infrastructure for the graduate class on the Principle of Service Management and System Administration. Lab machines in this class were used by students in a progression of assignments to implement a common web service, WordPress, and other services. We hope this study will encourage the use of commercial tools like Splunk on university lab computers to improve their cyber defense posture.