File Integrity Monitoring as a Method for Detecting and Preventing Web Defacement Attacks
DOI:
https://doi.org/10.15575/join.v9i2.1326Keywords:
Brute Force Attack, File Integrity Monitoring, Wazuh, Web DefacementAbstract
References
[1] S. Inc, “2024 SonicWall Cyber Threat Report,” 2024.
[2] Trend Micro, “Calibrating Expansion: 2023 Annual Cybersecurity Report,” 2023.
[3] BSSN, “KEAMANAN SIBER INDONESIA 2022 T L P : C L E A R,” Jakarta, 2023.
[4] D. Zlatkovski, A. Mileva, K. Bogatinova, and I. Ampov, “A New Real-Time File Integrity Monitoring System for Windows-based Environments.”
[5] B. Al-Muntaser, M. Afendee Mohamed, A. Yaseen Tuama, U. Sultan Zainal Abidin, and K. Terengganu, “Real-Time Intrusion Detection of Insider Threats in Industrial Control System Workstations Through File Integrity Monitoring,” IJACSA) International Journal of Advanced Computer Science and Applications, vol. 14, no. 6, pp. 327–333, 2023, [Online]. Available: www.ijacsa.thesai.org
[6] S. Agarwal, A. Sable, D. Sawant, S. Kahalekar, and M. K. Hanawal, “Threat Detection and Response in Linux Endpoints,” in 2022 14th International Conference on COMmunication Systems and NETworkS, COMSNETS 2022, Institute of Electrical and Electronics Engineers Inc., 2022, pp. 447–449. doi: 10.1109/COMSNETS53615.2022.9668567.
[7] A. A. Mughal and A. A. Mughal, “Building and Securing the Modern Security Operations Center (SOC),” International Journal of Business Intelligence and Big Data Analytics, 2022, [Online]. Available: https://orcid.org/0009-0006-8460-8006
[8] B. Shi, B. Li, L. Cui, and L. Ouyang, “Vanguard: A cache-level sensitive file integrity monitoring system in virtual machine environment,” IEEE Access, vol. 6, pp. 38567–38577, Jun. 2018, doi: 10.1109/ACCESS.2018.2851192.
[9] S. K. Peddoju, H. Upadhyay, and L. Lagos, “File integrity monitoring tools: Issues, challenges, and solutions,” Concurr Comput, vol. 32, no. 22, Nov. 2020, doi: 10.1002/cpe.5825.
[10] M. Albalawi, R. Aloufi, N. Alamrani, N. Albalawi, A. Aljaedi, and A. R. Alharbi, “Website Defacement Detection and Monitoring Methods: A Review,” Electronics (Switzerland), vol. 11, no. 21. MDPI, Nov. 01, 2022. doi: 10.3390/electronics11213573.
[11] A. Salman, M. S. Khan, S. Idrees, F. Akram, M. Junaid, and A. L. Malik, “File Integrity Checkers: Functionality, Attacks, and Protection,” in 2022 2nd International Conference on Digital Futures and Transformative Technologies, ICoDT2 2022, Institute of Electrical and Electronics Engineers Inc., 2022. doi: 10.1109/ICoDT255437.2022.9787428.
[12] D. Laksmiati, “IMPLEMENTASI WAZUH 4.0 UNTUK PERLINDUNGAN KEAMANAN INTEGRITAS FILE,” Jurnal AKRAB JUARA, vol. 6, pp. 164–174, 2021.
[13] T. Suryantoro, B. D. P. Purnomosidi, and W. Andriyani, “The Analysis of Attacks Against Port 80 Webserver with SIEM Wazuh Using Detection and OSCAR Methods,” in 2022 5th International Seminar on Research of Information Technology and Intelligent Systems, ISRITI 2022, Institute of Electrical and Electronics Engineers Inc., 2022, pp. 1–6. doi: 10.1109/ISRITI56927.2022.10052950.
[14] S. Stankovic, S. Gajin, and R. Petrovic, “A Review of Wazuh Tool Capabilities for Detection Attack Based on Log Analysis,” Serbia: IX International Conference IcETRAN, Jun. 2022, pp. 1–5.
[15] M. Romagna and N. Jan van den Hout, “Hacktivism and Website Defacement: Motivations, Capabilites and Potential Threats,” 27th Virus Bulletin Conference, vol. 1, pp. 1–10, 2017, [Online]. Available: http://www.zone-h.org/.
[16] Anggrahito, R. Ibrahim, A. Fajri, and E. Murniyanti, “Implementasi Web Application Firewall Menggunakan ReverseProxy dan ModSecurity Sebagai Alternatif Pengamanan Aplikasi Web Pada Sektor Pemerintah,” CITEE2019, pp. 199–205, Jul. 2019, [Online]. Available: http://news.netcraft.com/archives/2018/02/13/february-2018-web-server-
[17] Wazuh, “Getting started with Wazuh,” https://documentation.wazuh.com/current/getting-started/index.html. Accessed: Nov. 17, 2023. [Online]. Available: https://documentation.wazuh.com/current/getting-started/index.html
[18] Incident Response Team, “WEB DEFACEMENT : JUDI ONLINE,” 2023.
[19] A. Nursetyo, D. R. I. M. Setiadi, C. A. Sari, and E. H. Rachmawanto, “Website and Network Security Techniques against Brute Force Attacks using Honeypot,” Fourth International Conference on Informatics and Computing (ICIC), pp. 1–6, Oct. 2019, doi: 10.1109/ICIC47613.2019.8985686.
[20] P. G. Shah and J. Ayoade, “An Empricial Study of Brute Force Attack on Wordpress Website,” in Proceedings - 5th International Conference on Smart Systems and Inventive Technology, ICSSIT 2023, Institute of Electrical and Electronics Engineers Inc., 2023, pp. 659–662. doi: 10.1109/ICSSIT55814.2023.10060966.
Downloads
Published
Issue
Section
Citation Check
License
Copyright (c) 2024 Candra Kurniawan, Agung Triayudi

This work is licensed under a Creative Commons Attribution-NoDerivatives 4.0 International License.
You are free to:
- Share — copy and redistribute the material in any medium or format for any purpose, even commercially.
- The licensor cannot revoke these freedoms as long as you follow the license terms.
Under the following terms:
-
Attribution — You must give appropriate credit, provide a link to the license, and indicate if changes were made. You may do so in any reasonable manner, but not in any way that suggests the licensor endorses you or your use.
-
NoDerivatives — If you remix, transform, or build upon the material, you may not distribute the modified material.
-
No additional restrictions — You may not apply legal terms or technological measures that legally restrict others from doing anything the license permits.
Notices:
- You do not have to comply with the license for elements of the material in the public domain or where your use is permitted by an applicable exception or limitation.
- No warranties are given. The license may not give you all of the permissions necessary for your intended use. For example, other rights such as publicity, privacy, or moral rights may limit how you use the material.
This work is licensed under a Creative Commons Attribution-NoDerivatives 4.0 International License