Journal of Technology and Computer (JOTECHCOM)
Vol. 3 No. 1 (2026): February 2026 - Journal of Technology and Computer

Event-Driven Intrusion Detection and Response Automation Using n8n Workflow Platform

Alfarizi, Nauval (Unknown)
Rivaldi, Rivaldi (Unknown)



Article Info

Publish Date
09 Feb 2026

Abstract

This study introduces a server security monitoring system that uses events to detect SSH brute-force attacks. It uses automatic log analysis and sends real-time alerts. To test how well the system works, an experiment was conducted simulating attacks against an SSH service (port 22) without a firewall. Three different situations were tested: normal access, detecting unusual activity, and high-stress attacks. Under normal conditions, the system saw very little traffic: 233 packets, an average of 19 packets per second, and 38 kbps, indicating little impact and no false alarms. As the attacks grew more intense, network traffic increased significantly, reaching 96,997 packets and 76.5 MB of data during high-stress attacks, with an average speed of 1,132 kbps. All 500 brute-force attempts were found and recorded. By combining automated workflows with real-time Telegram alerts, administrators can get timely warnings. The results show that the system is effective, can handle large amounts of data, and is dependable for real-time SSH attack detection and server security monitoring.

Copyrights © 2026






Journal Info

Abbrev

jotechcom

Publisher

Subject

Computer Science & IT

Description

The Journal of Technology and Computer (JOTECHCOM) brings together researchers, academics (faculty and students), and industry practitioners to develop the field, discuss new trends and opportunities, exchange ideas and practices, and promote cross-disciplinary and cross-domain collaboration. ...