<![CDATA[The information technology infrastructure of Manado State University (UNIMA) faces increasing complexity of cyber threats, marked by the detection of 546 malware and 760 high-impact attacks within a four-week period, indicating the inadequacy of traditional signature-based security systems. This research aims to develop a proactive anomaly detection system by integrating internal log data (Web Server Logs, Cisco Risk Reports) with external reputation data (Threat Intelligence API) using a Machine Learning algorithm. The method used is a hybrid model of CRISP-DM and Iterative Development, encompassing Data Fusion stages, Feature Engineering (generating metrics such as Request Rate and Abuse Score), implementation of the Isolation Forest algorithm, and the construction of an interactive Threat Intelligence Dashboard using Python (Dash/Plotly). The analysis results show that Isolation Forest is effective in isolating behavioral outliers, yielding a measurable Anomaly Score (0-100). The correlation of the internal anomaly score with external reputation scores (VirusTotal, AbuseIPDB) successfully validates the detected threats, ensuring that the flagged anomalies are valid cyber threats, not merely data noise. The resulting dashboard allows UPA-TIK Staff to prioritize incident investigation based on objectively quantified risk levels.]]>
Copyrights © 2026
