Increasing activity and security threats on Ubuntu servers make system logs very large and difficult to analyze manually. As a result, administrators may be slow to detect abnormal activities, such as repeated login attempts and web access patterns related to online gambling promotions. This research therefore aims to develop a machine learning-based Early Warning System capable of automatically detecting anomalous activities. The system is developed in the Python programming language and runs on an Ubuntu server, using authentication logs and web access logs as the main data sources. The anomaly detection model is trained on normal activity data collected directly from the Ubuntu server logs so that it learns standard system behavior patterns. During the operational phase, the system reads server logs in real time, extracts activity features, and analyzes them using the Isolation Forest algorithm. Activities detected as anomalies trigger alert notifications to the administrator via Telegram, without performing automatic blocking. The results show that the system is able to provide early warnings of suspicious activities, thereby helping to improve server security more effectively.
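The detection step described above, as an added example that is not the paper's code: failed SSH login lines are aggregated into per-minute, per-source-IP features, an Isolation Forest is fitted on baseline windows only, and a burst window is scored against it. The two features, the classic syslog timestamp layout, the pure-Python forest and every sample log line are assumptions constructed for illustration.

```python
import math, random, re
from collections import defaultdict

FAILED = re.compile(r"^(\w{3}\s+\d+ \d\d:\d\d):\d\d \S+ sshd\[\d+\]: "
                    r"Failed password for (?:invalid user )?(\S+) from (\S+)")
TPL = "{}:{:02d} srv sshd[4242]: Failed password for {} from {} port 22 ssh2"  # constructed

def features(lines):
    """Assumed features per (minute, source IP): [failures, distinct usernames]."""
    seen = defaultdict(list)
    for m in filter(None, map(FAILED.match, lines)):
        seen[(m.group(1), m.group(3))].append(m.group(2))
    return {k: [len(u), len(set(u))] for k, u in seen.items()}

def c(n):  # average path length of an unsuccessful BST search over n points
    return 0.0 if n < 2 else 1.0 if n == 2 else \
        2 * (math.log(n - 1) + 0.5772156649) - 2 * (n - 1) / n

def build(X, depth, limit, rng):
    f = rng.randrange(len(X[0])) if X else 0    # random feature for this node
    vals = [x[f] for x in X]
    if depth >= limit or len(set(vals)) < 2:
        return len(X)                           # leaf stores how many points remain
    s = rng.uniform(min(vals), max(vals))       # random split inside the value range
    return (f, s, build([x for x in X if x[f] < s], depth + 1, limit, rng),
            build([x for x in X if x[f] >= s], depth + 1, limit, rng))

def fit(X, trees=100, psi=64, seed=0):
    rng, psi = random.Random(seed), min(psi, len(X))
    limit = math.ceil(math.log2(psi))           # depth cap from the subsample size
    return [build(rng.sample(X, psi), 0, limit, rng) for _ in range(trees)], psi

def path(node, x, depth=0):
    while isinstance(node, tuple):              # descend (feature, split, left, right)
        node, depth = (node[2] if x[node[0]] < node[1] else node[3]), depth + 1
    return depth + c(node)

def score(model, x):
    forest, psi = model                         # result closer to 1 = more anomalous
    return 2 ** (-sum(path(t, x) for t in forest) / len(forest) / c(psi))

def demo():
    normal = []                                 # constructed baseline: mistyped passwords
    for i in range(120):
        ts, ip = f"Jan 10 {8 + i // 60:02d}:{i % 60:02d}", f"192.0.2.{i % 50 + 1}"
        n = 1 + (i % 5 == 0) + (i % 10 == 0)    # mostly one failure, sometimes 2 or 3
        normal += [TPL.format(ts, j, u, ip) for j, u in enumerate(["alice", "alice", "bob"][:n])]
    burst = [TPL.format("Jan 10 11:30", j, f"invalid user u{j}", "203.0.113.7") for j in range(30)]
    model = fit(list(features(normal).values()))
    return score(model, [1, 1]), score(model, features(burst)[("Jan 10 11:30", "203.0.113.7")])
```

`demo()` returns the score of a typical baseline window and of the constructed burst window. A window far outside the training range follows the same branches as the most extreme baseline windows, so an alert threshold is best derived from the baseline score distribution.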
Copyrights © 2026