Implementasi Security Information And Event Management (SIEM) Untuk Deteksi Dan Analisa Insiden Keamanan Pada Web Server

Hadi, Muhammad Sofiyan and , Devi Afriyantari Puspa Putri, S.Kom., M.Sc (2023) Implementasi Security Information And Event Management (SIEM) Untuk Deteksi Dan Analisa Insiden Keamanan Pada Web Server. Skripsi thesis, Universitas Muhammadiyah Surakarta.

BACA FULLTEXT
[img] PDF (Naskah Publikasi)
Naskah Publikasi_L200190199_Muhammad Sofiyan Hadi 2.pdf
Download (463kB)
[img] PDF (Surat Pernyataan Publikasi)
Pernyataan publikasi - Sofiyan.pdf
Restricted to Repository staff only
Download (690kB) | Request a copy

Abstract

Website is a form of technology that emerged from the development of internet network access. The convenience offered on the website is widely used by agencies and companies as a means to share information and improve services. This is because the website is able to display text, graphic and sound information from anywhere via the internet network. Behind this convenience, there is a risk of cybersecurity threats in the use of internet-based technology because it can be accessed from anywhere and by anyone, including threat actors who want to steal sensitive information or take over the system. In this study, the authors try to overcome these problems through the implementation of SIEM using Wazuh combined with Suricata and integrated with Telegram to detect security incidents on web servers and then analyze these incidents to find out the truth. The method used in this study is an experimental method with stages consisting of needs analysis, system design, implementation, testing, and evaluation. Based on the test results of several web server attack techniques, the system is able to detect security incidents against the web server and then forward the detected security incident logs to the SIEM Wazuh central engine so that it can generate security alerts for analysis from the Wazuh dashboard. The results of the security alert analysis show that the security alerts that appear are true incidents and are not false positives.

Item Type: Thesis (Skripsi)
Uncontrolled Keywords: cybersecurity, SIEM, IDS, wazuh, monitoring
Subjects: T Technology > TZ Technical Information
Divisions: Fakultas Ilmu Komunikasi dan Informatika > Teknik Informatika
Depositing User: MUHAMMAD SOFIYAN HADI
Date Deposited: 21 Aug 2023 09:43
Last Modified: 21 Aug 2023 09:43
URI: http://eprints.ums.ac.id/id/eprint/116796

Actions (login required)

View Item View Item
UMS ETD-db is powered by EPrints 3 which is developed by the School of Electronics and Computer Science at the University of Southampton. More information and software credits.