TELER Performance as Real-Time Intrusion Detection and Threat Alert Based on Web Log-In Detecting Directory Bruteforce Attacks on Websites

Rio Darmawan(1), Bita Parga Zen(2*), Rianti Yunita Kisworini(3)

(1) Institut Teknologi Telkom Purwokerto
(2) Institut Teknologi Telkom Purwokerto
(3) STMIK Widya Utama
(*) Corresponding Author

Abstract


TELER is a real-time, web-log-based intrusion detection and alerting tool that runs in the terminal and is designed to be a fast terminal-based threat analyzer. An IDS (intrusion detection system) is needed to help web administrators secure their servers. This study aims to test the performance of TELER as a real-time intrusion detection and threat alert tool by implementing the open-source, Golang-based application. The IDS was tested on a web server using directory brute force, with the result that TELER can detect an attack and promptly notify the web administrator when an attack occurs on the web server. The results show that TELER successfully sent notifications to the Telegram, Discord, and Slack applications when an attack or intrusion occurred. Based on the experiments conducted in this study, Slack is the most effective application for receiving directory brute-force attack notifications: the average time for Slack to receive attack information is 0.03 seconds. TELER was shown to successfully detect cyberattacks.


Keywords


Bruteforce; IDS; TELER; Threat Alert; Webserver

DOI: https://doi.org/10.33172/jp.v9i3.19305

Jurnal Pertahanan is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.