This study introduces a server security monitoring system that uses events to detect SSH brute-force attacks. It uses automatic log analysis and sends real-time alerts. To test how well the system works, an experiment was conducted simulating attacks against an SSH service (port 22) without a firewall. Three different situations were tested: normal access, detecting unusual activity, and high-stress attacks. Under normal conditions, the system saw very little traffic: 233 packets, an average of 19 packets per second, and 38 kbps, indicating little impact and no false alarms. As the attacks grew more intense, network traffic increased significantly, reaching 96,997 packets and 76.5 MB of data during high-stress attacks, with an average speed of 1,132 kbps. All 500 brute-force attempts were found and recorded. By combining automated workflows with real-time Telegram alerts, administrators can get timely warnings. The results show that the system is effective, can handle large amounts of data, and is dependable for real-time SSH attack detection and server security monitoring.
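The log-analysis step described above can be sketched as a sliding-window count of failed logins per source address. This is an added example, not the study's own code: the OpenSSH syslog line format, the threshold of 5 failures in 60 seconds, the `year` parameter and the function names are assumptions, and delivery of the alert (for instance to Telegram) is left to the caller.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumed thresholds (not from the study): 5 failures from one IP within 60 s.
THRESHOLD = 5
WINDOW = timedelta(seconds=60)

# Matches OpenSSH "Failed password" lines, including the "invalid user" variant.
FAILED = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d{2}:\d{2}:\d{2}) \S+ sshd\[\d+\]: "
    r"Failed password for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<ip>\S+) port \d+"
)

def detect(lines, year=2026):
    """Return one alert per source IP, raised when it first reaches THRESHOLD."""
    recent = defaultdict(deque)  # ip -> timestamps of failures inside WINDOW
    alerted = set()
    alerts = []
    for line in lines:
        m = FAILED.match(line)
        if not m:
            continue  # successful logins and unrelated lines are ignored
        # Syslog timestamps carry no year, so the caller supplies one.
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        q = recent[m["ip"]]
        q.append(ts)
        while ts - q[0] > WINDOW:  # drop failures older than the window
            q.popleft()
        if len(q) >= THRESHOLD and m["ip"] not in alerted:
            alerted.add(m["ip"])
            alerts.append({"ip": m["ip"], "failures": len(q), "at": ts.isoformat()})
    return alerts

def sample_log():
    """Constructed sample: a fast burst, slow retries by a real user, one login."""
    head = "Jan 15 10:%02d:%02d srv sshd[4242]: "
    burst = [head % (0, s) + "Failed password for invalid user admin "
             f"from 203.0.113.10 port {40000 + s} ssh2" for s in range(1, 7)]
    slow = [head % (m, 30) + "Failed password for alice "
            "from 198.51.100.7 port 50122 ssh2" for m in range(1, 6)]
    ok = [head % (7, 0) + "Accepted password for alice "
          "from 198.51.100.7 port 50123 ssh2"]
    return burst + slow + ok

if __name__ == "__main__":
    for alert in detect(sample_log()):
        print(alert)
```

The slow retries from 198.51.100.7 are spaced 60 seconds apart, so at most two fall inside the window and that address never triggers an alert.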
Copyrights © 2026