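% Thesis record exported from the UIN Sunan Kalijaga digital library (see url).
% Changes from the raw export:
%   - month uses the predefined macro `jul`, so the style decides how it prints
%   - title is no longer all caps; braces keep the product names and the acronym
%     capitalised under styles that sentence-case titles
%   - the student number (NIM) is moved out of `author`, where BibTeX parsed it
%     as a given name, into the ignored field `nim`
@phdthesis{digilib68096,
  author   = {Setiawan},
  title    = {Implementasi Deteksi Anomali dan Respon Aktif Menggunakan {Wazuh} {SIEM} untuk Pencegahan Serangan Siber Berdasarkan Access Log pada Web Server {Apache}},
  school   = {UIN Sunan Kalijaga Yogyakarta},
  year     = {2024},
  month    = jul,
  note     = {Pembimbing: Dr. Ir. Bambang Sugiantoro, S.Si., M.T., IPM.},
  keywords = {Deteksi Anomali, Respon Aktif, Wazuh SIEM, Web Server Apache},
  url      = {https://digilib.uin-suka.ac.id/id/eprint/68096/},
  abstract = {Apache web server, one of the most widely used servers, is frequently targeted by cyberattacks such as XSS, SQL injection, and DoS. Despite its critical role, Apache lacks built-in capabilities to automatically detect and respond to traffic anomalies. This research aims to implement an anomaly detection and active response system on the Apache web server using Wazuh as an open-source SIEM solution. The methodology used in this study involves creating and testing a dummy website based on Apache, hosted in a virtual environment using Proxmox. Various types of attacks, including DoS, XSS, and SQL injection, are performed to evaluate the effectiveness of the implemented detection and blocking system. This process includes analysis, design, simulation, implementation, and system monitoring. The results indicate that Wazuh successfully detects various attacks, provides detailed alerts, and automatically blocks attackers. This research presents a model system that not only protects against cyberattacks but also offers a comprehensive analysis tool to enhance web server security. Thus, this approach provides a robust solution for safeguarding and improving system resilience against cyber threats.},
  nim           = {20106050060},
  internal-note = {The export gave the author as "NIM.: 20106050060 Setiawan"; only "Setiawan" is a name. The export shows no given name, and the degree level is taken from the export's entry type. Confirm both against the thesis title page.},
}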