Penerapan Elastic Stack sebagai Tools Alternatif Pemantauan Traffic Jaringan dan Host pada Instansi Pemerintah untuk Memperkuat Keamanan dan Ketahanan Siber Indonesia
Abstract
Kemajuan Teknologi Informasi dan Komunikasi (TIK) membentuk suatu ruang siber yang memudahkan akses terhadap informasi dan pengelolaannya secara cepat dan akurat. Hal ini menyebabkan keamanan pada sistem dan informasi perlu untuk ditingkatkan, terutama pada sektor pemerintah yang menjadi target utama serangan siber. Data Pusat Operasi Keamanan Siber Nasional (Pusopskamsinas) BSSN pada tahun 2018 menunjukkan bahwa domain go.id menempati peringkat pertama dengan persentase 30,75% dengan mayoritas kasus web defacement. Secara umum memang banyak aspek yang harus diperbaiki terkait keamanan siber pada sektor pemerintah. Salah satu hal yang perlu ditingkatkan adalah koordinasi keamanan siber antar pemerintah pusat, instansi lain dan pemerintah daerah. Pada penelitian ini diberikan rekomendasi pola koordinasi keamanan siber antar instansi pemerintah dan alternatif solusi dari sisi teknologi dengan menerapkan teknologi open-source, salah satunya Elastic Stack. Elastic Stack dipilih karena mudah untuk dikembangkan sesuai kebutuhan dan kemampuan anggaran instansi pemerintah yang berbeda-beda, bersifat open-source yang didukung oleh komunitas sehingga dapat terus dikembangkan.
Kata kunci: ancaman siber, keamanan siber, elastic stack, pemantauan jaringan.
ABSTRACT
The advancement of Information and Communication Technology (ICT) forms a cyber space that facilitates access to information and its management quickly and accurately. This causes security in the system and information needs to be improved, especially in the government sector which is the main target of cyber-attacks. Data from the National Cyber Security Operations Center (Pusopskamsinas) of BSSN in 2018 showed that the go.id domain ranked first with a percentage of 30.75% with most web defacement cases. In general, there are indeed many aspects that need to be improved in relation to cyber security in the government sector. One thing that needs to be improved is the coordination of cyber security between the central government, other agencies, and local governments. In this study, recommendations are given for the pattern of cyber security coordination between government agencies and alternative solutions in terms of technology by applying open-source technology, one of which is Elastic Stack. Elastic Stack was chosen because it is easy to develop according to the needs and budget capabilities of different government agencies, which are open source supported by the community so that it can continue to be developed.
Keywords: cyber threats, cyber security, elastic stack, network monitoring.
Full Text:
PDF (Bahasa Indonesia)References
APJII, A. P. J. I. I. (2018). Penetrasi & perilaku pengguna internet indonesia.
Babu, J. B., Prasad, S., & Prasad, G. S. (2019). Detecting and Analyzing the Malicious Linux Events using Filebeat and ELK Stack. https://www.ijeat.org/wp-content/uploads/papers/v8i4/D7003048419.pdf
Bara Hitapuru. (2018). Analisis Kemampuan Security Operations Center (SOC) Sebagai Sistem Pertahanan Siber Dalam Mengatasi Ancaman Serangan Siber Di Indonesia. Universitas Indonesia.
Chen, Y., Chong, P. P., & Zhang, B. (2004). Cyber security management and e-government. 1(3), 316–327.
Deputi Bidang Proteksi BSSN. (2018). Transformasi Lembaga Sandi Negara Menjadi Badan Siber dan Sandi Negara. Focus Group Discussion Proteksi, Penanggulangan, dan Pemulihan Insiden Siber Sektor Pemerintah. https://govcsirt.bssn.go.id/download/Transformasi-Lemsaneg-menjadi-BSSN-signed.pdf
Elahi, U. (t.t.). Elastic Stack—A Brief Introduction. Diambil 11 Oktober 2019, dari https://hackernoon.com/elastic-stack-a-brief-introduction-794bc7ff7d4f
Elasticsearch B.V. (2019a). An Introduction to the ELK Stack for Logs and Metrics. https://www.elastic.co/webinars/introduction-elk-stack
Elasticsearch B.V. (2019b). Getting started with the Elastic Stack. https://www.elastic.co/guide/en/elastic-stack-get-started/current/get-started-elastic-stack.html
Elasticsearch B.V. (2019c). What is the ELK Stack? Why, it’s the Elastic Stack. https://www.elastic.co/what-is/elk-stack
Grigorof, A. (2019). Open Source / Free Security Controls—Version 1.4. http://www.eventid.net/docs/open_source_security_controls.asp
Harikanth, M., & Rajarajeswari, P. (2019). Malicious Event Detection Using ELK Stack Through Cyber Threat Intelligence.
Hootsuite, & We are social. (2019). Digital 2019.
Hutchins, M. J., Bhinge, R., Micali, M. K., Robinson, S. L.,
Sutherland, J. W., & Dornfeld, D. (2015). Framework for Identifying Cybersecurity Risks in Manufacturing. Procedia Manufacturing, 1, 47–63. https://doi.org/10.1016/j.promfg.2015.09.060
Id-SIRTII. (2018). Laporan Tahunan Id-SIRTII Tahun 2018.
Peraturan Pemerintah Nomor 82 tahun 2012 tentang Penyelenggaraan Sistem dan Transaksi Elektronik, (2012).
Undang—Undang nomor 23 tahun 2014 tentang Pemerintah Daerah, (2012).
Kominfo. (2017). Tren Serangan Siber Nasional 2016 dan Prediksi 2017.
Kumar, V., Srivastava, J., & Lazarevic, A. (2005). Managing Cyber Threats Issues, Approaches and Challenges (hlm. 4). Springer.
Open Information Security Foundation. (2019). About Suricata. https://suricata-ids.org/about/
OSSEC PROJECT TEAM. (2019). Host Intrusion Detection for Everyone. https://www.ossec.net/about/
Peraturan Presiden Nomor 53 Tahun 2017 Tentang Badan Siber dan Sandi Negara, Pub. L. No. 53 (2017).
Peraturan Presiden Nomor 133 Tahun 2017 tentang Perubahan Atas Peraturan Presiden Nomor 53 Tahun 2017 Tentang Badan Siber dan Sandi Negara, (2018).
Praneeth, J. N., & Sreedevi, M. (2019). Detecting and Analyzing the Malicious Windows Events using Winlogbeat and ELK Stack. https://www.ijrte.org/wp-content/uploads/papers/v7i6s/F03400376S19.pdf
Raja, B., Ravindranath, K., & Jayanag, B. (2019). Monitoring and Analysing Anomaly Activities in a Network using Packetbeat. https://www.ijitee.org/wp-content/uploads/papers/v8i6s/F60190486S19.pdf
Sameer Dharur, & K Swaminathan. (2018). Efficient surveillance and monitoring using the ELK stack for IoT powered Smart Buildings. Proceedings of the Second International Conference on
Inventive Systems and Control (ICISC 2018), CFP18J06-ART. https://ieeexplore.ieee.org/document/8398888
Sudarmadi, D. A. (2018). Strategi Badan Siber Dan Sandi Negara (Bssn) Dalam Menghadapi Ancaman Siber Di Indonesia. Universitas Indonesia.
DOI: https://doi.org/10.32528/justindo.v5i2.3527
Refbacks
- There are currently no refbacks.
Copyright (c) 2020 Adrian Admi, Abdul Hakim Nur Maulana
This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.