Repositori Institusi

Politeknik Siber dan Sandi Negara

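Implementasi sistem analisis log otomatis untuk melakukan analisis Windows login pada Windows event log yang menggunakan Remote Desktop Protocol (RDP) [Implementation of an automatic log analysis system for analyzing Windows logins over Remote Desktop Protocol (RDP) in the Windows event log]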

I Wayan Ari Marjaya - Personal Name; Nanang Trianto - Personal Name; Jeckson Sidabutar - Personal Name; Ira Rosianal Hikmah - Personal Name;

During the current pandemic, use of Remote Desktop Protocol (RDP) services has grown, and so have the threats users face. A system is needed to monitor activity over RDP so as to ensure that users connected to company computers are legitimately authorized. This research implements an automatic log analysis system that combines Wazuh and ELK to analyze Windows event logs automatically and visualize the results on a Kibana dashboard. The aim is to make it easier for administrators to respond quickly to any unauthorized action that uses RDP services. The research uses Design Science Research as its research design, with five stages: Awareness of Problem, Suggestion, Development, Evaluation, and Conclusion. The testing phase uses a confusion matrix to measure system performance by calculating the recall of brute-force attack detection. The brute-force attacks were carried out using the tools Hydra and Crowbar. The results show that the system can analyze login attempts made by users and detect the attacks that occur. The system detects every failed authentication within a given time range and analyzes the resulting logs to determine whether a brute-force attack has occurred. The highest recall obtained was 99.06% and the lowest 92.31%. Averaged over the data obtained, the recall was 97.80%.


Availability

No copy data

Detail Information
Series Title
-
Call Number
2022 I W i
Publisher
Bogor : Poltek SSN., 2022
Collation
xi, 42 pp.
Language
Indonesian
ISBN/ISSN
--
Classification
--
Content Type
-
Media Type
-
Carrier Type
-
Edition
--
Subject(s)
ELK Stack
Performance Analysis
Bruteforce Attack
Remote Desktop Protocol
Wazuh
Specific Detail Info
-
Statement of Responsibility
I Wayan Ari Marjaya
Other version/related

No other version available

File Attachment
No Data