Implementation and Analysis of Wazuh as an Intrusion Detection System (IDS) and Monitoring Platform
DOI: https://doi.org/10.55606/isaintek.v7i2.301
Keywords: Intrusion Detection System, Platform Monitoring, Wazuh
Abstract
Web application attacks can compromise data security in hospitals; attackers carry them out by exploiting weaknesses in the web application code. However, many developers are still not alert to attacks on web applications. To improve the security of the web server so that it detects suspicious attacks in website network traffic, Wazuh is used as an Intrusion Detection System (IDS) and monitoring platform. The evaluation results show that implementing Wazuh as an IDS and monitoring platform can detect attacks and close security gaps so that attackers cannot attack in the same way.