Splunk in prikaz uporabe podatkov

izboljšanje varnosti s pomočjo napredne analitike

Anja Kotnik (Avtor), Blaž Markelj (Mentor)

Povzetek

Informacijska varnost je zaščita informacijskih virov, ki jih najdemo v sistemu informacijske tehnologije. Za njeno varnost so ključni trije pogoji: razpoložljivost, celovitost in zaupnost. Ko ti pogoji niso izpolnjeni, prihaja do različnih groženj, kot so manipulacija informacij, izsiljevalska programska oprema, socialni inženiring in mnoge druge. Pred tem se lahko zavarujemo z različnimi tehnikami ali orodji, ki so temu namenjeni. Med nekatere tehnike sodijo avtentikacija, avtorizacija, šifriranje, požarni zid in psevdominizacija. Najboljšo varnost zagotovimo tako, da uporabljamo več različnih tehnik hkrati. Kar se tiče orodij, obstaja več različnih vrst. V diplomski nalogi smo prestavili orodje Splunk, ki se uporablja za iskanje, spremljanje in analizo podatkov iz različnih virov. Za prikaz uporabe podatkov smo uporabili javno dostopne podatke »botsv3«, ki smo vpeljali v Splunk in prikazali na več različnih načinov. V zadnjem delu smo se posvetili raziskavi ozaveščenosti ljudi o informacijski varnosti in njihovem poznanju Splunka. V anketi je sodelovalo 130 anketirancev različnih starostnih skupin, ki so pomagali pri potrditvi oziroma zanikanju naših hipotez, ki smo jih postavili na začetku. Z rezultati smo dve hipotezi potrdili in eno zanikali.

Ključne besede

Splunk;informacijska varnost;podatki;diplomske naloge;

Podatki

Jezik:	Slovenski jezik
Leto izida:	2024
Tipologija:	2.11 - Diplomsko delo
Organizacija:	UM FVV - Fakulteta za varnostne vede
Založnik:	[A. Kotnik]
UDK:	004.056(043.2)
COBISS:	208816131
Št. ogledov:	0
Št. prenosov:	1
Ocena:	0 (0 glasov)
Metapodatki:

Ostali podatki

Sekundarni jezik:	Angleški jezik
Sekundarni naslov:	Splunk and the demonstration of data use: enhancing security through advanced analytics
Sekundarni povzetek:	Information security is the protection of information resources found in an information technology system. Three conditions are essential for its security: availability, integrity and confidentiality. When these conditions are not met, various threats occur, such as information manipulation, ransomware, social engineering and many others. We can protect ourselves against these with various techniques or tools designed for this purpose. Some of the techniques include authentication, authorization, encryption, firewall and pseudonymisation. The best security is achieved by using several different techniques at the same time. As far as tools are concerned, there are several different types. In this thesis we have reviewed the Splunk tool, which is used to find, monitor and analyze data from a variety of sources. To demonstrate the use of the data we have used publicly available data "botsv3", which we have implemented in Splunk and displayed in several different ways. In the last part of the work, we looked at people's awareness of information security and their knowledge of Splunk. 130 respondents of different age groups took part in the survey, which helped to confirm or deny our hypotheses that we set at the beginning. The results confirmed two hypotheses and denied one. In the last part of the work, we looked at people's awareness of information security and their knowledge of Splunk. 130 respondents of different age groups took part in the survey, which helped to confirm or deny our hypotheses that we set at the beginning. The results confirmed two hypotheses and denied one.
Sekundarne ključne besede:	Varstvo podatkov (računalništvo);Grožnje;Univerzitetna in visokošolska dela;
Vrsta dela (COBISS):	Diplomsko delo/naloga
Komentar na gradivo:	Univ. v Mariboru, Fak. za varnostne vede, Ljubljana
Strani:	XI f., [64] str.
ID:	25133190