Event-Driven Intrusion Detection and Response Automation Using n8n Workflow Platform

Nauval Alfarizi; Rivaldi Rivaldi

Penulis

Nauval Alfarizi Sekolah Menengah Kejuruan Telkom 2 Medan Penulis
Rivaldi Rivaldi Sekolah Menengah Kejuruan Telkom 2 Medan Penulis

Kata Kunci:

Automation, n8n, Workflow, Log Monitoring, Brute Force Attack

Abstrak

This study introduces a server security monitoring system that uses events to detect SSH brute-force attacks. It uses automatic log analysis and sends real-time alerts. To test how well the system works, an experiment was conducted simulating attacks against an SSH service (port 22) without a firewall. Three different situations were tested: normal access, detecting unusual activity, and high-stress attacks. Under normal conditions, the system saw very little traffic: 233 packets, an average of 19 packets per second, and 38 kbps, indicating little impact and no false alarms. As the attacks grew more intense, network traffic increased significantly, reaching 96,997 packets and 76.5 MB of data during high-stress attacks, with an average speed of 1,132 kbps. All 500 brute-force attempts were found and recorded. By combining automated workflows with real-time Telegram alerts, administrators can get timely warnings. The results show that the system is effective, can handle large amounts of data, and is dependable for real-time SSH attack detection and server security monitoring.

Referensi

A. G. Prawiyogi and A. S. Anwar, “Perkembangan Internet of Things (IoT) pada Sektor Energi: Sistematik Literatur Review,” J. MENTARI Manajemen, Pendidik. dan Teknol. Inf., vol. 1, no. 2, pp. 187–197, 2023, [Online]. Available: https://journal.pandawan.id/mentari/article/view/254%0Ahttps://journal.pandawan.id/mentari/article/download/254/251

Farhatun Nisaul Ahadiyah, “Perkembangan Teknologi Infomasi Terhadap Peningkatan Bisnis Online,” INTERDISIPLIN J. Qual. Quant. Res., vol. 1, no. 1, pp. 41–49, 2023, doi: 10.61166/interdisiplin.v1i1.5.

M. Irfan, M. Elvia, and S. Dania, “x,” Jursima, vol. 11, no. 1, pp. 110–121, 2023.

S. Neupane et al., “Explainable Intrusion Detection Systems (X-IDS): A Survey of Current Methods, Challenges, and Opportunities,” IEEE Access, vol. 10, no. August, pp. 112392–112415, 2022, doi: 10.1109/ACCESS.2022.3216617.

R. L. Nauval Alfarizi, T. M. Diansyah, “Simulasi Pengamanan Virtual Server Menggunakan Dionaea Honeypot Dan Tunneling Sebagai Proses Pengamanan Komunikasi Data,” Snastikom, vol. 9, no. 4, pp. 41–48, 2022.

D. Desmira and R. Wiryadinata, “Rancang Bangun Keamanan Port Secure Shell (SSH) Menggunakan Metode Port Knockking,” INSANtek, vol. 3, no. 1, pp. 1–5, 2022, doi: 10.31294/instk.v3i1.552.

A. Rahma, F. Indriyani, and T. A. A. Sandi, “Perancangan Dan Implementasi Monitoring Perangkat Server Menggunakan Zabbix Pada PT. Rizki Tujuh Belas Kelola,” J. Insa. J. Inf. Syst. Manag. Innov., vol. 3, no. 2, pp. 85–95, 2023, doi: 10.31294/jinsan.v3i2.3009.

S. Khriji, Y. Benbelgacem, R. Chéour, D. El Houssaini, and O. Kanoun, “Design and implementation of a cloud-based event-driven architecture for real-time data processing in wireless sensor networks,” J. Supercomput., vol. 78, no. 3, pp. 3374–3401, 2022, doi: 10.1007/s11227-021-03955-6.

A. Kumar, “How to Connect AI Agents with n8n for End-to-End Automation,” no. Iv, pp. 73–81, 2024.

Nurhaliza and Suendri, “Utilizing GPT-4o Mini in Designing a WhatsApp Chatbot to Support the New Student Admission Process at Telkom University,” Journal.Ittelkom-Pwt.Ac.Id/Index.Php/Dinda, vol. 5, no. 2, pp. 258–267, 2025.

C. Pamungkas, P. Hendradi, D. Sasongko, and A. Ghifari, “Analysis of Brute Force Attacks Using National Institute Of Standards And Technology (NIST) Methods on Routers,” J. Informatics Inf. Syst. Softw. Eng. Appl., vol. 5, no. 2, pp. 115–125, 2023, doi: 10.20895/inista.v5i2.1039.

J. A. Dharma and Rino, “Network Attack Detection Using Intrusion Detection System Utilizing Snort Based on Telegram,” bit-Tech, vol. 6, no. 2, pp. 118–126, 2023, doi: 10.32877/bt.v6i2.943.

Yusril Athallah dan Rizqi Agung, “VOL. VIII NO. 1 FEBRUARI 2022 JURNAL TEKNIK INFORMATIKA STMIK ANTAR BANGSA Rancang Bangun Prototype Monitoring Lampu Jalan Secara Otomatis Menggunakan Mikrokontroller ESP32 Dan Api Bot Telegram,” vol. VIII, no. 1, pp. 12–19, 2022, [Online]. Available: http://awesomerockguy.blogspot.com/2015/10/tutorial-

N. R. Fachrurrozi, A. A. Wirabudi, and S. A. Rozano, “Design of network monitoring system based on LibreNMS using Line Notify, Telegram, and Email notification,” Sinergi (Indonesia), vol. 27, no. 1, pp. 111–122, 2023, doi: 10.22441/sinergi.2023.1.013.

A. khusnul Umam, E. Wijayanti, and A. A. Chamid, “Pengembangan Chatbot Pada Platform Telegram Sebagai Media Informasi Seputar Handphone,” bit-Tech, vol. 8, no. 1, pp. 33–40, 2025, doi: 10.32877/bt.v8i1.2150.