Implementation of an Integrated IDS, WAF and FIM Security Architecture Based on Wazuh on the Open Journal System Platform with Reference to the NIST Cybersecurity Framework
DOI:
https://doi.org/10.30865/jurikom.v13i1.9500
Keywords:
IDS, WAF, Security Integration, Web Application Security, FIM
Abstract
The utilization of Open Journal Systems (OJS) as a scientific publishing platform faces significant security threats, including SQL Injection, Cross-Site Scripting (XSS), and webshell injection, which may compromise data integrity and service availability. This study aims to design and evaluate an integrated security architecture based on Wazuh through the implementation of an Intrusion Detection System (IDS), Web Application Firewall (WAF), and File Integrity Monitoring (FIM) using the NIST Cybersecurity Framework approach. The research methodology includes vulnerability identification across 11 journals in 7 universities, the development of a defense-in-depth architecture, and controlled penetration testing based on OWASP Top 10 scenarios. Testing results from 30 attack scenarios demonstrate a 100% detection rate for SQL Injection and webshell injection, and an 80% detection rate for XSS attacks. The system successfully blocks malicious requests with 403 Forbidden responses and generates real-time alerts through centralized log correlation in Wazuh. However, potential false positives were observed in several generic security rules, indicating the need for rule fine-tuning to align with OJS traffic characteristics. Overall, the integrated security approach measurably enhances threat detection and incident response capabilities.



