Information Security System Design Using XDR And EDR

  • Dedi Soleman Computer Science Department, Universitas Bina Nusantara, Jakarta
  • Benfano Soewito Computer Science Department, Universitas Bina Nusantara, Jakarta
Keywords: Cyber Attacks, Cyber Security, Firewall, XDR, EDR

Abstract

Technological development has brought many benefits, both in delivering services to the community and in helping governments operate efficiently. However, increasing reliance on technology also indirectly increases the risk of cyberattacks. Every company faces the threat of attackers, inside and outside the organization, who try to access and take possession of important and confidential assets. To protect these assets, a cybersecurity system is needed that can defend against the various threats posed by malicious parties. A layered cybersecurity system is needed to detect and respond to cyberattacks automatically. XDR is a tool that detects and responds to cyberattacks based on the analysis of data gathered across the whole infrastructure, with the aim of improving the efficiency of security operations. In addition, a system is needed that can detect, alert on, investigate, isolate and remove malicious software at endpoints in real time; this system is called EDR. Testing after the security system was implemented shows that it can monitor cyberattacks as they appear in real time and respond automatically, so that information on servers and endpoint devices is protected.
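The abstract describes two layers: an endpoint layer (EDR) that raises alerts from host telemetry, and a cross-infrastructure layer (XDR) that correlates data from several sources before deciding on an automatic response. The following toy correlation engine is an added illustration of that distinction and is not code from the paper or from any XDR/EDR product. The event schema, the rule severities, the score weights, the five-minute window and the response names ("isolate_host", "alert_analyst") are all assumptions made here; the telemetry is constructed sample data, with addresses taken from the 198.51.100.0/24 documentation range.

```python
"""Toy EDR alerting and XDR-style cross-layer correlation over constructed telemetry.

Added example, not the paper's code. Assumes a collector (not shown) has already
normalized firewall, server and endpoint feeds into Event records whose `host`
field names the endpoint the event implicates.
"""
from collections import defaultdict
from dataclasses import dataclass
from datetime import datetime, timedelta


@dataclass(frozen=True)
class Event:
    ts: datetime
    source: str   # telemetry layer: "edr", "server" or "firewall"
    host: str     # endpoint implicated by the event (assumed normalization)
    kind: str     # normalized event type
    detail: str


# Constructed sample telemetry (illustrative, not captured data).
SAMPLE_EVENTS = [
    # ws-17: activity seen by three different layers within two minutes
    Event(datetime(2024, 1, 15, 9, 0, 5), "firewall", "ws-17", "blocked_outbound", "dst=198.51.100.9 port=4444"),
    Event(datetime(2024, 1, 15, 9, 0, 7), "edr", "ws-17", "suspicious_process", "unsigned binary launched from user temp dir"),
    Event(datetime(2024, 1, 15, 9, 0, 9), "server", "ws-17", "auth_failure", "fs-01 rejected 6 logins from ws-17"),
    Event(datetime(2024, 1, 15, 9, 1, 30), "edr", "ws-17", "file_quarantined", "AV engine quarantined dropped file"),
    # ws-22: a single endpoint alert with nothing else around it
    Event(datetime(2024, 1, 15, 9, 3, 0), "edr", "ws-22", "suspicious_process", "script host started by user"),
    # ws-30: firewall noise only, hours away from anything else
    Event(datetime(2024, 1, 15, 14, 0, 0), "firewall", "ws-30", "blocked_outbound", "dst=198.51.100.20 port=25"),
]

# Endpoint layer (EDR): per-event rules on host telemetry. Severities are assumed.
EDR_RULES = {"suspicious_process": "high", "file_quarantined": "medium"}

# Cross-layer (XDR): contribution of each (source, kind) pair to a host's score. Weights are assumed.
WEIGHTS = {
    ("edr", "suspicious_process"): 3,
    ("edr", "file_quarantined"): 2,
    ("server", "auth_failure"): 2,
    ("firewall", "blocked_outbound"): 1,
}


def edr_alerts(events):
    """Endpoint-layer detection: each EDR event matching a rule becomes an alert,
    with no knowledge of what the firewall or servers saw."""
    return [(e.host, e.kind, EDR_RULES[e.kind])
            for e in sorted(events, key=lambda e: e.ts)
            if e.source == "edr" and e.kind in EDR_RULES]


def cluster_by_time(events, window):
    """Group one host's events into clusters where each event follows the previous
    one within `window`; a long gap starts a new cluster."""
    clusters, current = [], []
    for ev in sorted(events, key=lambda e: e.ts):
        if current and ev.ts - current[-1].ts > window:
            clusters.append(current)
            current = []
        current.append(ev)
    if current:
        clusters.append(current)
    return clusters


def decide_response(score, sources):
    """Cross-layer corroboration is what makes an automatic response defensible:
    a high score confirmed by at least two telemetry layers isolates the host,
    while a single-layer signal only pages an analyst."""
    if score >= 6 and len(sources) >= 2:
        return "isolate_host"
    if score >= 3:
        return "alert_analyst"
    return "none"


def correlate(events, window=timedelta(minutes=5)):
    """XDR-style correlation: per host, score the strongest time cluster across
    all sources and attach a response decision."""
    by_host = defaultdict(list)
    for e in events:
        by_host[e.host].append(e)
    verdicts = {}
    for host, host_events in by_host.items():
        best = {"score": 0, "sources": [], "events": 0, "response": "none"}
        for group in cluster_by_time(host_events, window):
            score = sum(WEIGHTS.get((e.source, e.kind), 0) for e in group)
            sources = sorted({e.source for e in group})
            if score > best["score"]:
                best = {"score": score, "sources": sources, "events": len(group),
                        "response": decide_response(score, sources)}
        verdicts[host] = best
    return verdicts


if __name__ == "__main__":
    for alert in edr_alerts(SAMPLE_EVENTS):
        print("EDR alert:", alert)
    for host, v in sorted(correlate(SAMPLE_EVENTS).items()):
        print(f"XDR {host}: score={v['score']} sources={v['sources']} -> {v['response']}")
```

The two endpoint alerts for ws-17 and ws-22 look identical to the EDR layer alone; only after the XDR layer joins them with firewall and server telemetry does ws-17 qualify for automatic isolation while ws-22 is left for an analyst, which is the efficiency gain the abstract attributes to analysing data across the whole infrastructure.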

Published: 2024-01-15

How to Cite: Soleman, D., & Soewito, B. (2024). Information Security System Design Using XDR And EDR. Inform : Jurnal Ilmiah Bidang Teknologi Informasi Dan Komunikasi, 9(1), 51-57. https://doi.org/10.25139/inform.v9i1.7331

Section: Articles