NORMA eResearch @NCI Library

Comparative Analysis of Splunk vs. AWS Native Monitoring Tools for Cloud Security and Threat Detection

Mala, Umadevi (2024) Comparative Analysis of Splunk vs. AWS Native Monitoring Tools for Cloud Security and Threat Detection. Masters thesis, Dublin, National College of Ireland.

Files:
PDF (Master of Science), 1MB
PDF (Configuration Manual), 2MB

Abstract

Cloud security monitoring remains critical and challenging for organizations as cyber threats continue to evolve. While previous research by Ananthapadmanabhan and Achuthan (2022) explored threat detection using Splunk in cloud environments, there has been limited comparative analysis between third-party security information and event management (SIEM) solutions and native cloud monitoring tools. This research addresses this gap by thoroughly comparing Splunk and AWS native monitoring tools, focusing on their effectiveness in threat detection and analysis. The experimental evaluation assessed both platforms across three key security scenarios: unauthorized login attempts, data exfiltration, and malware detection. The results demonstrate that while AWS native tools generally provided faster detection times, Splunk consistently achieved higher precision and recall rates. For unauthorized login attempts, Splunk achieved 97% precision and 98% recall compared to AWS's 94% precision and 95% recall, although AWS detected events marginally faster (6 seconds vs. 8 seconds). Similarly, in data exfiltration scenarios, Splunk showed superior accuracy with 95% precision and recall, outperforming AWS's 89% precision and 90% recall, despite AWS's quicker detection time (10 seconds vs. 13 seconds). These findings provide valuable insights for organizations' decisions about cloud security monitoring strategies. They also indicate that AWS native tools offer speed advantages, whereas Splunk delivers more comprehensive and accurate threat detection capabilities, helping organizations optimize their cloud security posture against emerging threats.

Item Type: Thesis (Masters)
Supervisors: Gupta, Shaguna (Email: UNSPECIFIED)
Subjects: Q Science > QA Mathematics > Electronic computers. Computer science
T Technology > T Technology (General) > Information Technology > Electronic computers. Computer science
T Technology > T Technology (General) > Information Technology > Cloud computing
Q Science > QA Mathematics > Computer software > Computer Security
T Technology > T Technology (General) > Information Technology > Computer software > Computer Security
Divisions: School of Computing > Master of Science in Cloud Computing
Depositing User: Ciara O'Brien
Date Deposited: 15 Jul 2025 14:15
Last Modified: 15 Jul 2025 14:15
URI: https://norma.ncirl.ie/id/eprint/8119
