%A NIM.: 21106050052 Muhammad Rofi’Fachruddin
%O Dr. Ir. Bambang Sugiantoro, M.T., IPU., ASEAN Eng.
%T IMPLEMENTASI WORKFLOW OTOMATIS MENGGUNAKAN N8N UNTUK DETEKSI DAN RESPONS ANCAMAN MALWARE DAN PHISHING
%X Cyber threats such as malware and phishing continue to evolve with high complexity, rendering manual handling methods ineffective due to their slowness and susceptibility to human error. To address this challenge, a solution capable of detecting and responding to incidents quickly and structurally is required. This thesis focuses on designing an open-source Security Orchestration, Automation, and Response (SOAR) system using the n8n platform as a central orchestrator to automate cybersecurity workflows.
The system is designed by integrating Wazuh as a threat detection agent on endpoints, VirusTotal as an external threat intelligence service, Google Gemini for AI-based descriptive analysis, and Slack as a real-time notification channel. Testing was conducted using 600 test data samples consisting of safe files, malware files, safe links, and phishing links categories.
The test results demonstrate that the system performs with high responsiveness and accuracy. The achieved Mean Time to Response (MTTR) is 0.616 seconds for safe files, 0.653 seconds for phishing links, 0.655 seconds for safe links, and 4.771 seconds for malware files. The overall detection accuracy rate reached 98.83%, with a notification delivery success rate of 100%. The implementation of this automated workflow proved capable of increasing operational efficiency by 98.41% compared to manual handling estimates, making it highly effective in supporting cybersecurity operations.
%K SOAR, n8n, Wazuh, Malware, Phishing, Otomatisasi Keamanan
%D 2025
%I UIN SUNAN KALIJAGA YOGYAKARTA
%L digilib74869