<![CDATA[Web defacing attacks, where websites are replaced with unwanted content, such as online gambling advertisements, pose a serious threat to the integrity and reputation of websites, especially those belonging to government agencies. This research aims to detect and prevent web defacing attacks containing online gambling content by combining Wazuh Security Information and Event Management (SIEM) and Snort signature-based Intrusion Detection System (IDS). Wazuh is used to monitor and collect activity logs in real-time when suspicious activity is detected. Meanwhile, Snort IDS acts as a signature-based intrusion detection system that can recognize web defacing attack patterns through predefined rules for online gambling content. This research was conducted by building a web defacing attack simulation environment on the server, then testing the response and effectiveness of Wazuh and Snort in detecting and preventing attacks. The test results show that the combination of Wazuh SIEM and Snort IDS can detect and prevent web defacing attacks with a very high accuracy rate, namely 100% of attacks can be detected by Wazuh File Integrity Monitoring and 76% for Snort IDS. The implementation of this system is expected to help improve website security, especially those managed by public institutions, from web defacing threats.]]>
Copyrights © 2025
