
Secure Mechanism Applied to Big Data for IIoT by Using Security Event and Information Management System (SIEM).

Authors :
Hussein, Marwan Alaa
Hamza, Ekhlas Kadhum
Source :
International Journal of Intelligent Engineering & Systems; 2022, Vol. 15 Issue 6, p667-681, 15p
Publication Year :
2022

Abstract

It is estimated that the number of devices and sensors connected to the Internet of Things (IoT) will grow to around 125 billion by the end of this decade, compared to 21 billion this year. The Internet of Things promises tremendous advantages in many applications such as industrial environments, smart homes, smart cities, smart environments, agriculture, control of critical infrastructure and smart health. However, as the number of IoT devices increases and more information is shared between them, a massive amount of data is transmitted between these devices, and providing security becomes a major concern for researchers, developers and users, since IoT devices have low power and limited computing and storage capabilities. Applying strong and complex encryption processes requires significant computing and storage capabilities, which makes these devices more vulnerable to attacks and security risks that threaten the integrity of corporate and institutional data and other information. This article proposes implementing a security solution based on the "all-in-one" architecture for Wazuh and Elastic Stack as a tester, in order to implement a proof of concept to detect anomalies occurring in devices on a network, which constitute the Wazuh proxy. In this way, the security contribution works proactively: with the collection of logs in real time, the system can generate alerts in the event of attempted attacks and implement the active response, a measure that allows mitigation of the detected incident. This project promotes open-source software solutions, and proves to be a complete business security solution in the context of analysing log data to secure a host for the internal business network. It is concluded that the solution is ideal for business environments of any type, and even more so for small environments such as our simulated environments, considering that the method of automating responses to security incidents offers a great alternative in the field of information technology. [ABSTRACT FROM AUTHOR]

Details

Language :
English
ISSN :
2185310X
Volume :
15
Issue :
6
Database :
Complementary Index
Journal :
International Journal of Intelligent Engineering & Systems
Publication Type :
Academic Journal
Accession number :
159875122
Full Text :
https://doi.org/10.22266/ijies2022.1231.59