Privilege escalation is one of the most critical classes of cyberattack because it enables adversaries with limited rights to gain full control of a system. Such attacks often act as gateways to larger data breaches, as seen in the 2016 Uber incident that exposed the personal data of 57 million users. This study implements and evaluates an open-source integrated intrusion detection system that combines Wazuh (HIDS), Suricata (NIDS), and the ELK Stack (Elasticsearch, Logstash, Kibana) on Ubuntu Server. Experiments were conducted through simulated privilege escalation attacks using Metasploit, covering kernel exploits, misconfigurations, and software vulnerabilities. The findings show that the integrated system delivers broader detection than the default Wazuh configuration, capturing both host-level activity and network traffic. Quantitatively, a major difference was observed in response time: the integrated system detected and blocked malicious actions within 1–2 seconds, whereas the standalone system required 2–5 minutes and lacked automated blocking. In addition, integration with the Kibana dashboard provided real-time, interactive visualization of threats, enabling administrators to trace attack patterns and respond swiftly. Overall, this research demonstrates that an integrative approach enhances detection accuracy, shortens response time, and significantly improves the quality of cybersecurity monitoring.
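The host-plus-network correlation that the abstract credits for the broader detection can be illustrated with a small script. The following is an added example, not code from the paper or from the Wazuh, Suricata or Elastic projects: it reads Wazuh `alerts.json` lines (host side) and Suricata `eve.json` lines (network side), keeps only high-level host alerts and network `alert` events, and pairs them when the same source IP appears in both within a short time window. The sample lines are constructed; the Wazuh rule id `100200`, the IP addresses, the signature names, the 30-second window and the level threshold of 10 are assumptions chosen for the illustration, not values from the study.

```python
import json
from datetime import datetime, timedelta

# Constructed sample lines in the shape of Wazuh alerts.json (host) and
# Suricata eve.json (network). Field names follow the two tools' documented
# JSON layouts; rule id 100200, the IPs and the signatures are made up here.
WAZUH_ALERTS = """\
{"timestamp":"2025-03-01T10:00:05.000+0000","rule":{"id":"5402","level":3,"description":"Successful sudo to ROOT executed."},"agent":{"name":"ubuntu-srv"},"data":{"srcuser":"www-data","dstuser":"root"}}
{"timestamp":"2025-03-01T10:00:09.000+0000","rule":{"id":"100200","level":12,"description":"Privilege escalation attempt (hypothetical custom rule)."},"agent":{"name":"ubuntu-srv"},"data":{"srcip":"192.0.2.77"}}
"""

SURICATA_EVE = """\
{"timestamp":"2025-03-01T10:00:07.123456+0000","event_type":"alert","src_ip":"192.0.2.77","dest_ip":"10.0.0.5","alert":{"signature":"CONSTRUCTED Possible reverse shell","severity":1}}
{"timestamp":"2025-03-01T10:00:08.000000+0000","event_type":"flow","src_ip":"192.0.2.10","dest_ip":"10.0.0.5"}
{"timestamp":"2025-03-01T10:30:00.000000+0000","event_type":"alert","src_ip":"198.51.100.9","dest_ip":"10.0.0.5","alert":{"signature":"CONSTRUCTED Port scan","severity":2}}
"""


def parse_jsonl(text):
    """Parse newline-delimited JSON, skipping blank lines."""
    return [json.loads(line) for line in text.splitlines() if line.strip()]


def parse_ts(ts):
    """Both tools emit ISO-8601 with fractional seconds and a +0000 offset."""
    return datetime.strptime(ts, "%Y-%m-%dT%H:%M:%S.%f%z")


def correlate(wazuh_lines, suricata_lines, window_seconds=30, min_level=10):
    """Pair high-level Wazuh host alerts with Suricata network alerts that
    share a source IP inside the time window. Returns a list of incidents,
    each carrying the host rule, the network signature and a suggested
    response ("block" for severity-1 network alerts, else "investigate")."""
    host = [a for a in parse_jsonl(wazuh_lines) if a["rule"]["level"] >= min_level]
    net = [e for e in parse_jsonl(suricata_lines) if e.get("event_type") == "alert"]
    window = timedelta(seconds=window_seconds)
    incidents = []
    for h in host:
        h_ip = h.get("data", {}).get("srcip")
        if h_ip is None:  # host alert without a network address cannot be paired
            continue
        h_ts = parse_ts(h["timestamp"])
        for n in net:
            if n["src_ip"] != h_ip:
                continue
            if abs(parse_ts(n["timestamp"]) - h_ts) <= window:
                incidents.append({
                    "src_ip": h_ip,
                    "agent": h["agent"]["name"],
                    "host_rule": h["rule"]["id"],
                    "host_description": h["rule"]["description"],
                    "network_signature": n["alert"]["signature"],
                    "action": "block" if n["alert"]["severity"] == 1 else "investigate",
                })
    return incidents


if __name__ == "__main__":
    for inc in correlate(WAZUH_ALERTS, SURICATA_EVE):
        print(json.dumps(inc, indent=2))
```

In the sample data only the level-12 host alert and the severity-1 network alert from `192.0.2.77` fall within the window, so one incident is produced with action `block`; the low-level sudo alert and the later scan from a different address are left out. In a deployment such a decision would be handed to Wazuh's active-response mechanism or to a firewall rule, which this example does not perform.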
Copyright © 2025