Evaluasi Penerapan Pertahanan Proaktif WAF Dan HIDS Terhadap Eksploitasi Kerentanan Aplikasi Web
DOI:
https://doi.org/10.30812/corisindo.v1.5547Keywords:
Cross-Site Scripting, HIDS, Pertahanan Proaktif, SQL Injeksi, WAFAbstract
Keamanan aplikasi web menjadi semakin krusial dalam beberapa tahun terakhir, terutama terhadap serangan injeksi seperti SQL Injection (SQLi) dan Cross-Site Scripting (XSS). Berdasarkan laporan OWASP Top 10 tahun 2021, lebih dari 94% aplikasi web rentan terhadap serangan injeksi. Data Badan Siber dan Sandi Negara (BSSN) 2023 mencatat lebih dari 370 juta serangan siber di Indonesia, dengan sektor pemerintahan sebagai target utama. Penelitian ini mengevaluasi efektivitas Web Application Firewall (ModSecurity) dan Host-Based Intrusion Detection System (Wazuh) sebagai pertahanan proaktif. Eksperimen dilakukan di lingkungan virtual menggunakan pendekatan NDLC. Hasil menunjukkan sistem mencapai Detection Rate 100%, False Negative Rate 0%, dan False Positive Rate 4,2%, dengan akurasi 97,01%. Latensi respons pasif nol detik dan latensi respons aktif rata-rata satu detik, menandakan mitigasi hampir real-time. Dari sisi efisiensi, implementasi meningkatkan penggunaan CPU web server sebesar 25,9% dan RAM sebesar 18 MB, serta CPU Wazuh Server 9% dan RAM 53 MB. Kombinasi WAF dan HIDS efektif mendeteksi dan memblokir serangan SQLi dan XSS, termasuk varian tersamarkan. Integrasi ini direkomendasikan untuk sistem web dengan trafik menengah, dengan catatan pengaturan aturan dan manajemen log penting untuk menjaga efisiensi dan kestabilan jangka panjang.
References
[1] T. D. Sobola, P. Zavarsky, and S. Butakov, “Experimental Study of ModSecurity Web Application Firewalls,” in Proceedings - 2020 IEEE 6th Intl Conference on Big Data Security on Cloud, BigDataSecurity 2020, 2020 IEEE Intl Conference on High Performance and Smart Computing, HPSC 2020 and 2020 IEEE Intl Conference on Intelligent Data and Security, IDS 2020, 2020. doi: 10.1109/BigDataSecurity-HPSC-IDS49724.2020.00045.
[2] M. Tsiodra, S. Panda, M. Chronopoulos, and E. Panaousis, “Cyber Risk Assessment and Optimization: A Small Business Case Study,” IEEE Access, vol. 11, 2023, doi: 10.1109/ACCESS.2023.3272670.
[3] Synopsys, “OWASP Top 10 2021,” 2021.
[4] Imperva, “What is OSI Model | 7 Layers Explained | Imperva,” 2023.
[5] M. Lestari and T. Finaldin, “KERJA SAMA ANTARA INDONESIA DAN NEGARA-NEGARA DI ASIA TENGGARA MELALUI ASEAN REGIONAL FORUM DALAM BIDANG KEAMANAN SIBER,” Global Mind, vol. 4, no. 2, 2023, doi: 10.53675/jgm.v4i2.987.
[6] V. Pikulin et al., “Towards Developer-Centered Secure Coding Training,” in Proceedings - 2023 38th IEEE/ACM International Conference on Automated Software Engineering Workshops, ASEW 2023, 2023. doi: 10.1109/ASEW60602.2023.00008.
[7] M. Haug, A. C. F. da Silva, and S. Wagner, “Towards Immediate Feedback for Security Relevant Code in Development Environments,” in Communications in Computer and Information Science, 2022. doi: 10.1007/978-3-031-18304-1_4.
[8] M. Jaza Al Anzi and M. Abdul-Rahman Al Balwi, “International Journal of INTELLIGENT SYSTEMS AND APPLICATIONS IN ENGINEERING Secure Software Development: Problems and Solutions.” [Online]. Available: www.ijisae.org
[9] F. M. Alotaibi and V. G. Vassilakis, “Toward an SDN-Based Web Application Firewall: Defending against SQL Injection Attacks,” Future Internet, vol. 15, no. 5, 2023, doi: 10.3390/fi15050170.
[10] H. Hardianto, “Analisis Cyber Crime handling pada Aplikasi Web dengan WAF ModSecurity,” PETIR, vol. 16, no. 1, 2023, doi: 10.33322/petir.v16i1.1910.
[11] S. A. Chamkar, M. Zaydi, and Y. Maleh, “Improving Threat Detection in Wazuh Using Machine Learning Techniques,” pp. 1–25, 2025.
[12] M. E. Durmuşkaya and S. Bayraklı, “Web application firewall based on machine learning models,” PeerJ Comput Sci, vol. 11, p. e2975, Jul. 2025, doi: 10.7717/peerj-cs.2975.
[13] A. Willerton, “Evaluating the efficiency of Host-based Intrusion Detection Systems protecting web applications,” no. June, 2022.
[14] L. Layman and W. Roden, “A Controlled Experiment on the Impact of Intrusion Detection False Alarm Rate on Analyst Performance,” in Proceedings of the Human Factors and Ergonomics Society, 2023. doi: 10.1177/21695067231192573.
[15] R. T. Prabowo and M. T. Kurniawan, “Analisis dan Desain Keamanan Jaringan Komputer dengan Metode Network Development Life Cycle (Studi Kasus: Universitas Telkom),” Jurnal Rekayasa Sistem & Industri, vol. 2, no. 1, 2015.
[16] I. Kamu, M. T. Parinsi, M. W. Kuhu, and A. V. Mananggel, “Computer Network Design in Vocational School Using Network Simulator,” International Journal of Information Technology and Education, vol. 2, no. 1, 2022, doi: 10.62711/ijite.v2i1.86.
[17] M. Anto, “Implementasi Jaringan Point to Multipoint Menggunakan Metode NDLC,” MULTINETICS, vol. 8, no. 2, 2023, doi: 10.32722/multinetics.v8i2.5066.
[18] G. Kumar Ahuja and G. Kumar, “Evaluation metrics for intrusion detection systems-a study,” Evaluation, vol. 2, no. 11, 2014.
[19] C. Anthony, W. Elgenaidi, and M. Rao, “Intrusion Detection System for Autonomous Vehicles Using Non-Tree Based Machine Learning Algorithms,” Electronics (Switzerland), vol. 13, no. 5, 2024, doi: 10.3390/electronics13050809.
[20] N. Nurdadyansyah and M. Hasibuan, “Perancangan Local Area Network Menggunakan NDLC Untuk Meningkatkan Layanan Sekolah,” Jurnal KONIK, vol. 5, 2021.
