Real-time Defense Against Cyber Threats: Analyzing Wazuh's Effectiveness in Server Monitoring
Abstract
As cloud computing grows exponentially, organizations face escalating cybersecurity challenges due to increased cyber threats and attacks on cloud-based networks. Monitoring cloud servers is one action that can be taken to improve security. This can be done with the help of various server monitoring tools, such as Wazuh. The study investigates Wazuh's effectiveness in real-time monitoring of three AWS EC2 instance-based cloud servers. Wazuh's capabilities, such as log data collection, malware detection, active response automation, and Docker container monitoring, are examined. The research reveals detailed insights into user activities, web server access, and database operations. Wazuh proves adept at tracking file integrity, detecting malware, and responding actively, as evidenced by the 342 alerts generated during a 24-hour monitoring period. The results show that Wazuh is a particularly effective tool for protecting cloud environments from cyberattacks because it provides quick and ongoing security monitoring, which is essential for securing intricate cloud infrastructures.
This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.
Please find the rights and licenses in the Journal of Information Technology and Computer Engineering (JITCE).
1. License
The non-commercial use of the article will be governed by the Creative Commons Attribution license as currently displayed on Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.
2. Author(s)’ Warranties
The author(s) warrants that the article is original, written by stated author(s), has not been published before, contains no unlawful statements, does not infringe the rights of others, is subject to copyright that is vested exclusively in the author and free of any third party rights, and that any necessary permissions to quote from other sources have been obtained by the author(s).
3. User Rights
JITCE adopts the spirit of open access and open science, which disseminates published articles as freely as possible under the Creative Commons license. JITCE permits users to copy, distribute, display, and perform the work for non-commercial purposes only. Users will also need to attribute authors and JITCE when distributing works in the journal.
4. Rights of Authors
Authors retain the following rights:
- copyright, and other proprietary rights relating to the article, such as patent rights,
- the right to use the substance of the article in their own future works, including lectures and books,
- the right to reproduce the article for their own purposes,
- the right to self-archive the article,
- the right to enter into separate, additional contractual arrangements for the non-exclusive distribution of the article's published version (e.g., post it to an institutional repository or publish it in a book), with an acknowledgment of its initial publication in this journal (Journal of Information Technology and Computer Engineering).
5. Co-Authorship
If the article was jointly prepared with other authors, then upon submitting the article the author agrees to this form and warrants that he/she has been authorized by all co-authors on their behalf, and agrees to inform his/her co-authors. JITCE will be freed from any disputes that occur regarding this issue.
7. Royalties
By submitting the article, the authors agree that no fees are payable from JITCE.
8. Miscellaneous
JITCE will publish the article (or have it published) in the journal if the article’s editorial process is successfully completed and JITCE or its sublicensee has become obligated to have the article published. JITCE may adjust the article to a style of punctuation, spelling, capitalization, referencing and usage that it deems appropriate. The author acknowledges that the article may be published so that it will be publicly accessible and such access will be free of charge for the readers.