Date of Award
Summer 2020
Document Type
Thesis
Degree Name
Master of Science (MS)
Department
Computer Science
Program
Computing
First Advisor
Kaczmarek, Thomas
Second Advisor
Perouli, Debbie
Third Advisor
Zimmer, Michael
Abstract
Increased Cyber-attacks on the IT infrastructure is a grave concern for organizations. Cyber defense and cyber threat remediation have become topmost priority of organizations. This thesis explains the core concepts of SIEM, UEBA, SOAR and SOC (SUSS) and explains the details of an experimental solution to which was applied MSCS 6560 lab computers for real time cyber threat detection and remediations. To test and validate SUSS concepts, these technologies were successfully applied to a small lab environment in the MSCS infrastructure for the graduate class on the Principle of Service Management and System Administration. Lab machines in this class were used by students in a progression of assignments to implement a common web service, WordPress, and other services. We hope this study would encourage use of commercial tools like Splunk on university lab computers for improving its cyber defense posture.