{"id":"https://openalex.org/W4412596234","doi":"https://doi.org/10.7148/2025-0269","title":"Implementation Of A SIEM System Using Splunk And The Enterprise Security Module And Analysis Of Its Effectiveness In Detecting Cyber Threats","display_name":"Implementation Of A SIEM System Using Splunk And The Enterprise Security Module And Analysis Of Its Effectiveness In Detecting Cyber Threats","publication_year":2025,"publication_date":"2025-06-24","ids":{"openalex":"https://openalex.org/W4412596234","doi":"https://doi.org/10.7148/2025-0269"},"language":"en","primary_location":{"id":"doi:10.7148/2025-0269","is_oa":true,"landing_page_url":"https://doi.org/10.7148/2025-0269","pdf_url":"http://www.scs-europe.net/dlib/2025/ecms2025acceptedpapers/0269_secmos_ecms2025_0064.pdf","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"ECMS 2025 Proceedings edited by Marco Scarpa, Salvatore Cavalieri, Salvatore Serrano, Fabrizio De Vita","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"http://www.scs-europe.net/dlib/2025/ecms2025acceptedpapers/0269_secmos_ecms2025_0064.pdf","any_repository_has_fulltext":null},"authorships":[{"author_position":"first","author":{"id":null,"display_name":"Maciej Kozak","orcid":null},"institutions":[{"id":"https://openalex.org/I4210092770","display_name":"Cracow University of Technology","ror":null,"country_code":"PL","type":null,"lineage":["https://openalex.org/I4210092770"]}],"countries":["PL"],"is_corresponding":true,"raw_author_name":"Maciej Kozak","raw_affiliation_strings":["Department of Computer Science Cracow University of Technology Cracow , Poland"],"affiliations":[{"raw_affiliation_string":"Department of Computer Science Cracow University of Technology Cracow , Poland","institution_ids":["https://openalex.org/I4210092770"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5055653957","display_name":"Anna Plichta","orcid":"https://orcid.org/0000-0001-6503-308X"},"institutions":[{"id":"https://openalex.org/I4210092770","display_name":"Cracow University of Technology","ror":null,"country_code":"PL","type":null,"lineage":["https://openalex.org/I4210092770"]}],"countries":["PL"],"is_corresponding":false,"raw_author_name":"Anna Plichta","raw_affiliation_strings":["Department of Computer Science Cracow University of Technology Cracow , Poland"],"affiliations":[{"raw_affiliation_string":"Department of Computer Science Cracow University of Technology Cracow , Poland","institution_ids":["https://openalex.org/I4210092770"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":[],"corresponding_institution_ids":["https://openalex.org/I4210092770"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":true,"cited_by_count":0,"citation_normalized_percentile":{"value":0.25768304,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":"269","last_page":"275"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T13038","display_name":"Internet of Things and AI","score":0.3555000126361847,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T13038","display_name":"Internet of Things and AI","score":0.3555000126361847,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T13693","display_name":"Smart Systems and Machine Learning","score":0.3125999867916107,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.3066999912261963,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.702761173248291},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.5818310379981995},{"id":"https://openalex.org/keywords/security-analysis","display_name":"Security analysis","score":0.4353945851325989}],"concepts":[{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.702761173248291},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.5818310379981995},{"id":"https://openalex.org/C38369872","wikidata":"https://www.wikidata.org/wiki/Q7445009","display_name":"Security analysis","level":2,"score":0.4353945851325989}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.7148/2025-0269","is_oa":true,"landing_page_url":"https://doi.org/10.7148/2025-0269","pdf_url":"http://www.scs-europe.net/dlib/2025/ecms2025acceptedpapers/0269_secmos_ecms2025_0064.pdf","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"ECMS 2025 Proceedings edited by Marco Scarpa, Salvatore Cavalieri, Salvatore Serrano, Fabrizio De Vita","raw_type":"proceedings-article"}],"best_oa_location":{"id":"doi:10.7148/2025-0269","is_oa":true,"landing_page_url":"https://doi.org/10.7148/2025-0269","pdf_url":"http://www.scs-europe.net/dlib/2025/ecms2025acceptedpapers/0269_secmos_ecms2025_0064.pdf","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"ECMS 2025 Proceedings edited by Marco Scarpa, Salvatore Cavalieri, Salvatore Serrano, Fabrizio De Vita","raw_type":"proceedings-article"},"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":true,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4412596234.pdf","grobid_xml":"https://content.openalex.org/works/W4412596234.grobid-xml"},"referenced_works_count":0,"referenced_works":[],"related_works":["https://openalex.org/W4391375266","https://openalex.org/W2899084033","https://openalex.org/W2748952813","https://openalex.org/W2390279801","https://openalex.org/W4391913857","https://openalex.org/W2358668433","https://openalex.org/W4396701345","https://openalex.org/W2376932109","https://openalex.org/W2001405890","https://openalex.org/W4409144983"],"abstract_inverted_index":{"The":[0,24,72,139,179],"article":[1],"focuses":[2],"on":[3,132,169,193],"the":[4,9,27,32,48,66,79,82,94,105,126,133,147,164,173],"implementation":[5],"and":[6,16,42,59,86,90,110,121,125,158,197,203],"configuration":[7,61,120,145],"of":[8,26,47,51,68,78,84,93,107,128,146,176],"Splunk":[10],"Enterprise":[11],"Security":[12],"SIEM":[13,80,148,195],"(Security":[14],"Information":[15],"Event":[17],"Management)":[18],"system":[19,149],"in":[20,35,97],"a":[21,75,188],"test":[22],"environment.":[23],"objective":[25],"research":[28,184],"was":[29,102,137],"to":[30,64,104,118,172],"analyze":[31],"system's":[33,95,134,165],"effectiveness":[34,67,96,166],"detecting":[36],"cyber":[37],"threats,":[38],"its":[39,170],"practical":[40],"application,":[41],"optimization":[43],"possibilities.":[44],"As":[45],"part":[46],"experiments,":[49],"simulations":[50],"real-world":[52],"attacks\u2014such":[53],"as":[54,187],"brute-force":[55],"attempts,":[56],"privilege":[57],"escalation,":[58],"network":[60],"changes\u2014were":[62],"conducted":[63],"verify":[65],"custom":[69],"detection":[70,88,130,157],"rules.":[71],"study":[73],"included":[74],"detailed":[76],"assessment":[77],"architecture,":[81],"process":[83],"creating":[85],"optimizing":[87,194],"rules,":[89],"an":[91,177],"analysis":[92,140,205],"threat":[98],"detection.":[99],"Particular":[100],"attention":[101],"given":[103],"issue":[106],"false":[108],"positives":[109],"methods":[111],"for":[112,161,190],"their":[113],"minimization.":[114],"Additionally,":[115],"challenges":[116],"related":[117],"log":[119],"management":[122],"were":[123],"analyzed,":[124],"impact":[127],"customized":[129],"rules":[131],"overall":[135],"efficiency":[136],"evaluated.":[138],"results":[141],"indicate":[142],"that":[143],"proper":[144],"can":[150,185],"significantly":[151],"enhance":[152],"IT":[153],"security":[154],"by":[155],"reducing":[156],"response":[159],"times":[160],"incidents.":[162],"However,":[163],"largely":[167],"depends":[168],"adaptation":[171],"specific":[174],"requirements":[175],"organization.":[178],"conclusions":[180],"drawn":[181],"from":[182],"this":[183],"serve":[186],"foundation":[189],"further":[191],"work":[192],"systems":[196],"integrating":[198],"them":[199],"with":[200],"advanced":[201],"automation":[202],"behavioral":[204],"technologies.":[206]},"counts_by_year":[],"updated_date":"2026-04-21T08:09:41.155169","created_date":"2025-10-10T00:00:00"}