DATA WAREHOUSE MODELLING INFORMATION SECURITY LOG MANAGEMENT IN BUILDING A SECURITY OPERATION CENTER IN CENTRAL GOVERNMENT AGENCIES WITH KIMBALL METHOD
Abstract
Central Government, is a government agency that manages important and confidential state data and information. The data that is managed needs to be maintained for reliability and security in order to avoid the risk of loss, leakage and misuse of information. To maintain this data, an optimal information security device is needed. Information security tools used today have a variety of functions resulting in many important logs that must be managed, analyzed and evaluated. The log data from each of these information security devices is still separate and must be processed manually to obtain simpler and more efficient data so that it can be monitored and presented to management. The purpose of this research is to make the right data warehouse modeling in order to assist in the process of presenting information quickly and accurately related to the processing of data logs of information security devices as a report that will be given to management in support of the Zero Tollerance data security policy. The method used in designing this data warehouse is using the Kimball 9 step method. The results obtained are in the form of a starflake schema and a data warehouse log of information security devices consisting of a malware fact table, intrusion facts and attack facts that can be used as centralized data monitoring that will be implemented at the Security Operation Center. Testing is done using Pentaho software tools. This data warehouse is expected to provide a quick, accurate, and continuous summary of information so that it can assist management in the decision-making process and policy making for the future.
Downloads
References
P. D. Pandit, “An Analysis of Computer Security , Attack Models and Defensive Mechanisms,” no. September, 2021, doi: 10.13140/RG.2.2.34616.06406.
M. Siwach and S. Mann, “Anomaly Detection for Web Log based Data: A Survey,” 2022 IEEE Delhi Sect. Conf. DELCON 2022, vol. 13, no. 1, pp. 129–148, 2022, doi: 10.1109/DELCON54057.2022.9753130.
M. Akbar and Y. Rahmanto, “Desain Data Warehouse Penjualan Menggunakan Nine Step Methodology Untuk Business Intelegency Pada Pt Bangun Mitra Makmur,” J. Inform. dan Rekayasa Perangkat Lunak, vol. 1, no. 2, pp. 137–146, 2020, doi: 10.33365/jatika.v1i2.331.
I. G. W. Darma, K. S. Utami, and N. W. S. Aryani, “Data Warehouse Analysis to Support UMKM Decisions using the Nine-step Kimball Method,” Int. J. Eng. Emerg. Technol., vol. 4, no. 1, pp. 1–5, 2019.
A. Filiana, A. G. Prabawati, M. N. A. Rini, G. Virginia, and B. Susanto, “Perancangan Data Warehouse Perguruan Tinggi untuk Kinerja Penelitian dan Pengabdian kepada Masyarakat,” J. Tek. Inform. dan Sist. Inf., vol. 6, no. 2, pp. 174–183, 2020, doi: 10.28932/jutisi.v6i2.2557.
N. S. Fitriasari, I. Ariawan, A. Rais, T. E. Ahmad, and R. D. Azhari, “View of Rancangan Dan Implementasi Modul Data Warehouse Dan Data Mining Sebagai Kritikal Sukses Faktor Pada Enterprise,” Pros. Semin. Nas. Ilmu Komput. Vol. 1, No 1., vol. 1, no. 1, pp. 41–52, 2021, [Online]. Available: https://proceeding.unived.ac.id/index.php/snasikom/article/view/51/45
N. Hidayat et al., “Analysis and Design of Data Warehouse Based on Sndikti Using Data Warehouse Life Cycle Method At Unsoed Engineering Analisis Dan Perancangan Data Warehouse Berdasarkan Sndikti Menggunakan Metode Data Warehouse Life Cycle Di Fakultas,” vol. 3, no. 3, pp. 797–805, 2022.
R. J. Salaki, J. Waworuntu, and I. R. H. T. Tangkawarow, “Extract transformation loading from OLTP to OLAP data using pentaho data integration,” IOP Conf. Ser. Mater. Sci. Eng., vol. 128, no. 1, 2016, doi: 10.1088/1757-899X/128/1/012020.
A. D. Barahama and R. Wardani, “Utilization Extract, Transform, Load for Developing Data Warehouse in Education Using Pentaho Data Integration,” J. Phys. Conf. Ser., vol. 2111, no. 1, pp. 0–8, 2021, doi: 10.1088/1742-6596/2111/1/012030.
A. Vaisman, Data-Warehouse-Systeme. 2007. doi: 10.1007/978-3-8350-9178-8_2.
O. Aslan and R. Samet, “A Comprehensive Review on Malware Detection Approaches,” IEEE Access, vol. 8, pp. 6249–6271, 2020, doi: 10.1109/ACCESS.2019.2963724.
A. Khraisat, I. Gondal, P. Vamplew, and J. Kamruzzaman, “Survey of intrusion detection systems: techniques, datasets and challenges,” Cybersecurity, vol. 2, no. 1, 2019, doi: 10.1186/s42400-019-0038-7.
D. Juardi, “Kajian vulnerability keamanan data dari eksploitasi hash length extension attack vulnerability data satisfaction study from exploitation hash length extension attack,” vol. 6, no. 1, 2017.
A. Rahmatillah et al., “Implementasi Intrusion Prevention System (IPS) Pada Keamanan Jaringan Dengan Notifikasi Berbasis Telegram di Jurusan Teknik Komputer,” 2021.
J. K. Anggraenni, “Simulasi Keamanan Pada Aplikasi Web Dengan Web Application Firewall,” Ilm. Komput., pp. 45–50, 2013.
L. Z. A. Mardedi, “Analisa Kinerja System Gluster FS pada Proxmox VE untuk Menyediakan High Availability,” MATRIK J. Manajemen, Tek. Inform. dan Rekayasa Komput., vol. 19, no. 1, pp. 173–185, 2019, doi: 10.30812/matrik.v19i1.473.
A. Madani, S. Rezayi, and H. Gharaee, “Log management comprehensive architecture in Security Operation Center (SOC),” Proc. 2011 Int. Conf. Comput. Asp. Soc. Networks, CASoN’11, pp. 284–289, 2011, doi: 10.1109/CASON.2011.6085959.
K. A. Shobirin, A. P. S. Iskandar, and I. B. A. Swamardika, “Data Warehouse Schemas using Multidimensional Data Model for Retail,” Int. J. Eng. Emerg. Technol., vol. 2, no. 1, p. 84, 2017, doi: 10.24843/ijeet.2017.v02.i01.p17.
Copyright (c) 2022 Maya Asmita
This work is licensed under a Creative Commons Attribution 4.0 International License.
