Surya Kusuma, Galura Muhammad Suranegara and Ichwan Nul Ichsan (2025) DEVELOPMENT OF AN ACTIVE RESPONSE AND REAL-TIME NOTIFICATION SYSTEM FOR MALWARE DETECTION AT PT. WIKA BETON [PENGEMBANGAN SISTEM ACTIVE RESPONSE DAN NOTIFIKASI REAL-TIME UNTUK DETEKSI MALWARE DI PT. WIKA BETON]. S1 thesis, Universitas Pendidikan Indonesia.
Abstract
Slow and manual responses to cyber threats pose a significant challenge to corporate IT infrastructure security. Conventional detection systems often lack automated mitigation capabilities, increasing the risk of damage from malware. This research aims to develop and analyze the performance of an automated active response system based on Wazuh, integrated with the VirusTotal API for detection accuracy and real-time Telegram notifications for instant reporting. This study uses an experimental method on three agents with different operating systems (Ubuntu, Windows, CentOS), using the EICAR test file for 15 trials per agent. System performance was measured using metrics of response time, detection accuracy rate, and notification speed. The results show that the system achieved a 100% detection accuracy rate across all platforms. The overall response time demonstrated very fast performance in Linux environments (an average of 2.010 seconds on CentOS and 2.118 seconds on Ubuntu), but was slower on Windows (an average of 12.519 seconds), primarily influenced by the workload of File Integrity Monitoring (FIM) scans on directories with a large number of files. Telegram notifications were successfully delivered within 1-2 seconds post-mitigation. In conclusion, the developed system is proven to be an effective, fast, and accurate solution for automated malware detection and response, while also highlighting the significant influence of the operating system's environment on active response performance.
S_SISTEL_2100308_Title.pdf (415kB)
S_SISTEL_2100308_Chapter 1.pdf (259kB)
S_SISTEL_2100308_Chapter 2.pdf (311kB), restricted to library staff
S_SISTEL_2100308_Chapter 3.pdf (394kB)
S_SISTEL_2100308_Chapter 4.pdf (462kB), restricted to library staff
S_SISTEL_2100308_Chapter 5.pdf (228kB)
S_SISTEL_2100308_Appendix.pdf (1MB), restricted to library staff
Item Type: | Thesis (S1) |
---|---|
Additional Information: | https://scholar.google.com/citations?user=7qDMsYEAAAAJ&hl=en Supervisors' SINTA IDs: Galura Muhammad Suranegara: 6703764; Ichwan Nul Ichsan: 6721201 |
Uncontrolled Keywords: | Wazuh, Active Response, VirusTotal, Malware Detection, Cyber Security. |
Subjects: | T Technology > T Technology (General) |
Divisions: | UPI Kampus Purwakarta > S1 Sistem Telekomunikasi |
Depositing User: | Surya Kusuma |
Date Deposited: | 20 Aug 2025 06:45 |
Last Modified: | 20 Aug 2025 06:45 |
URI: | http://repository.upi.edu/id/eprint/135853 |