Analysis of the Wazuh Security Information and Event Management (SIEM) Application at Dinas Komunikasi Informatika Statistik dan Persandian Sulawesi Selatan

Authors

  • Mardhiyah Nas
  • Farchia Ulfiah
  • Ulya Putri

DOI:

https://doi.org/10.31963/elekterika.v20i2.4536

Keywords:

SIEM, Wazuh App, DDoS, Brute Force

Abstract

The South Sulawesi Communication Informatics Statistics and Standardization Office is an implementer of government affairs that assists in carrying out government affairs in the fields of communication, informatics, statistics, and signage. Agencies currently use technological developments, such as web servers that publish information and deliver services, to maximize their performance. This can, however, lead to problems such as data theft, because many threats can attack at any time. An application is therefore needed that can prevent this from happening. To address this, a monitoring system is implemented using the Wazuh application, which is a SIEM application. To find out how the application behaves in the event of an attack, testing is carried out using two types of attack: Distributed Denial of Service (DDoS) Slowloris and Brute Force. The data collected in this test are the application's responses, namely the response time of the Wazuh application and the level at which Wazuh classifies the DDoS and Brute Force attacks, as displayed on the Wazuh dashboard. Based on the test results, the Wazuh application successfully detects DDoS Slowloris and Brute Force attacks and classifies these two attacks at levels 3 to 10.

Published

2023-11-01