PERFORMANCE TEST OF IBM QRADAR VERSION 7.3.3 IN DETECTING CYBER ATTACKS ON THE LINUX OPERATING SYSTEM

Muhammad Ihsan Naufal Muniif (2024) Performance Test of IBM QRadar Version 7.3.3 in Detecting Cyber Attacks on the Linux Operating System. S1 thesis, Universitas Pendidikan Indonesia.

Abstract

Security is an important aspect of today's digital era, especially given the increasingly sophisticated threats to computer systems and networks, so protection against cybercrime attacks demands more attention than ever. One way to prevent cyber attacks on the Linux operating system is to use Security Information and Event Management (SIEM). IBM QRadar Community Edition is an application built on SIEM technology that allows organizations to respond to threats more quickly. The performance of IBM QRadar Community Edition as an Incident Response application in detecting cyber attacks is crucial to server security, so a thorough evaluation is needed to confirm how it performs across a range of attack scenarios. This research uses an experimental method to evaluate the impact of specific treatments on the performance of IBM QRadar Community Edition by testing it against Secure Shell (SSH) Brute Force, File Transfer Protocol (FTP) Brute Force, Denial of Service (DoS), Distributed Denial of Service (DDoS), and Port Scanning attacks. The results show that, in both the local scheme and the public scheme, IBM QRadar Community Edition detects all SSH and FTP Brute Force attacks, but it records an excessive number of event log activity entries. For DDoS attacks it detects all attacks in the local scheme, but its recorded counts of network activity and of packets are incomplete.

Files:
- S_TEKOM_2003494_Title.pdf (502kB)
- S_TEKOM_2003494_Chapter1.pdf (83kB)
- S_TEKOM_2003494_Chapter2.pdf (158kB), restricted to library staff
- S_TEKOM_2003494_Chapter3.pdf (1MB)
- S_TEKOM_2003494_Chapter4.pdf (703kB), restricted to library staff
- S_TEKOM_2003494_Chapter5.pdf (69kB)
- S_TEKOM_2003494_Appendix.pdf (809kB), restricted to library staff

Official URL: https://repository.upi.edu/
Item Type: Thesis (S1)
Additional Information: https://scholar.google.com/citations?view_op=list_works&hl=id&authuser=2&user=MqmT2O0AAAAJ SINTA IDs of supervisors: Anugrah Adiwilaga: 6745914; Muhammad Taufik Dwi Putra: 6745726
Uncontrolled Keywords: Cyber attacks, Security Information and Event Management, Incident Response, IBM QRadar Community Edition, Linux
Subjects: L Education > L Education (General)
Q Science > QA Mathematics > QA76 Computer software
T Technology > T Technology (General)
Divisions: UPI Cibiru Campus > S1 Computer Engineering
Depositing User: Muhammad Ihsan Naufal Muniif
Date Deposited: 23 Sep 2024 01:45
Last Modified: 23 Sep 2024 01:45
URI: http://repository.upi.edu/id/eprint/122621