A SIEM-Driven Solution for Cyber Attack Detection in Educational Websites: Implementing Threat Log Filtering for Enhanced Security

Authors

  • Sutisno Candra Kusuma, Teknik Informatika, Institut Bisnis Muhammadiyah Bekasi
  • Yunus Fadhillah Soleman, Teknik Informatika, Institut Bisnis Muhammadiyah Bekasi
  • Budi Berlinton, Teknik Informatika, Universitas Multimedia Nusantara
  • Jamaludin, Teknik Informatika, Institut Bisnis Muhammadiyah Bekasi
  • Supriyanto Karya, Teknik Informatika, Universitas Indonesia Mandiri

DOI:

https://doi.org/10.53990/jupiter.v6i1.419

Keywords:

Cyber Security, Intrusion Detection, SIEM, Suricata, Threat Log Filtering, Wazuh

Abstract

This study aims to improve cyber attack detection by implementing Security Information and Event Management (SIEM) using the Threat Log Filtering method. Log data were collected from various sources, including servers and the network, and then analyzed to identify suspicious activity. The results show that this method was able to increase attack detection speed by up to 15% and reduce the false positive rate by 5%. This implementation contributes to improving the organization's cyber security by mitigating threats before they have a wide impact.

Published

2025-02-01

How to Cite

Kusuma, S. C., Soleman, Y. F., Berlinton, B., Jamaludin, & Karya, S. (2025). A SIEM-Driven Solution for Cyber Attack Detection in Educational Websites: Implementing Threat Log Filtering for Enhanced Security. JUPITER : Journal of Computer & Information Technology, 6(1), 10–25. https://doi.org/10.53990/jupiter.v6i1.419