Web Attack Prevention with Mini SIEM Cybersecurity Surveillance Systems: A Case Study of Khon Kaen University Library

Khon Kaen University Library operates multiple websites that serve both users and staff. In the past, these websites have been targeted by cyberattacks; however, system administrators and website managers were unable to detect the attacks in real-time. This research aims to enhance website security through a cybersecurity monitoring system (Mini SIEM) to prevent cyberattacks and provide immediate alerts to system administrators. The system enables administrators to monitor, investigate, and notify website managers to address and patch vulnerabilities promptly. The research methodology involved collecting log data from various web servers into a centralized server, storing log data in a database, and developing an application to scan for attack patterns used by hackers. The system then presents a summary dashboard and alerts administrators upon detecting potential security threats. The results demonstrated that the system effectively prevented cyberattacks and promptly alerted administrators when websites were at risk. Moreover, the system successfully reduced the number of high-risk logs by 95% compared to the initial phase of the research project in April and the final phase in August 2023.