A real-time hypertext transfer protocol intrusion detection system on web server

Agus Tedyyana, Osman Ghazali, Onno W. Purbo

Abstract


Behind the rapid development of the internet in today’s era, various types of crime are also targeting vital players in the internet industry. With many online crime types rampant, an antidote is also needed to suppress internet crime. Therefore, the researcher proposes a solution in the form of a Keris, namely the hypertext transfer protocol (HTTP) intrusion detection system (IDS) that runs on the server where our website is running. Keris works by detecting rampant intrusions that attack servers or websites. When an intrusion is detected, Keris will notify the system admin using the Keris Telegram chatbot or an alternative Keris mobile application with firebase cloud messaging (FCM) technology. The research was conducted by comparing the results of one-way delay (OWD) between Telegram Webhook and FCM with the help of the open web application security project (OWASP) zed attack proxy (ZAP) test tool. From the results of the tests, OWD against directory brute force attacks on Telegram Webhook for 0.72 seconds and on FCM for 0.44 seconds. In this case, FCM is more suitable for real-time notifications if we need a very responsive notification.

Keywords


cyber attack; HTTP IDS; intrusion; OWASP ZAP; Telegram Bot;

Full Text:

PDF


DOI: http://doi.org/10.12928/telkomnika.v21i3.24938

Refbacks

  • There are currently no refbacks.


Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.

TELKOMNIKA Telecommunication, Computing, Electronics and Control
ISSN: 1693-6930, e-ISSN: 2302-9293
Universitas Ahmad Dahlan, 4th Campus
Jl. Ringroad Selatan, Kragilan, Tamanan, Banguntapan, Bantul, Yogyakarta, Indonesia 55191
Phone: +62 (274) 563515, 511830, 379418, 371120
Fax: +62 274 564604

View TELKOMNIKA Stats