The Analysis of Attacks Against Port 80 Webserver with SIEM Wazuh Using Detection and OSCAR Methods

Suryantoro, Tri and P., Bambang Purnomosidi D. and Andriyani, Widyastuti (2022) The Analysis of Attacks Against Port 80 Webserver with SIEM Wazuh Using Detection and OSCAR Methods. In: International Seminar on Research of Information Technology and Intelligent Systems (ISRITI), 8-9 December 2022, Universitas Teknologi Digital Indonesia.

isriti2022--oscar-method--tri-bambangpurnomosidi-widya.pdf - Published Version

Abstract

The availability of the internet in a company makes data and information exchange easier. Easy access to company data and information, when not accompanied by information security awareness, results in data leaks and lateral movement. Companies are required to ensure reliable and secure network security to protect information technology assets from hacking. SIEM helps companies and security officers monitor attacks, find vulnerabilities and analyze attacks. This study applies a network forensic approach with the OSCAR and detection methods to determine the effectiveness of SIEM Wazuh's performance against port 80 attacks on the web server. During the attack testing stages of port scanning and HTTP directory scanning, the web server service still looks normal, or no 404 error message is found in the browser. The deviation of attack detection in this study is 1.402 seconds. SIEM Wazuh is able to assist security officers in monitoring company data security and securing company IT assets.

Keywords: network security, web server, siem wazuh, lateral movement, intrusion detection

Item Type: Conference or Workshop Item (Paper)
Additional Information: Authors: Tri Suryantoro, Bambang Purnomosidi D.P. and Widyastuti Andriyani
Uncontrolled Keywords: network security, web server, siem wazuh, lateral movement, intrusion detection
Subjects: A General Works > Computer Science > Internet
A General Works > Computer Science > Computer Security
A General Works > Computer Science > Networks
Divisions: Proceedings
Depositing User: Titis Pratiwi
Date Deposited: 02 Apr 2023 22:58
Last Modified: 02 Apr 2023 22:58
URI: http://eprints.utdi.ac.id/id/eprint/9949
