Correlated Web Traffic Anomaly Detection for Threat Intelligence Using Isolation Forest

  • Sydney Tesalonika, Manado State University, Indonesia
  • Sondy Kumajas, Manado State University, Indonesia
  • Quido Kainde, Manado State University, Indonesia
Keywords: Anomaly Detection, Isolation Forest, Threat Intelligence, Web Traffic, Machine Learning

Abstract

The information technology infrastructure of Manado State University (UNIMA) faces increasing complexity of cyber threats, marked by the detection of 546 malware and 760 high-impact attacks within a four-week period, indicating the inadequacy of traditional signature-based security systems. This research aims to develop a proactive anomaly detection system by integrating internal log data (Web Server Logs, Cisco Risk Reports) with external reputation data (Threat Intelligence API) using a Machine Learning algorithm. The method used is a hybrid model of CRISP-DM and Iterative Development, encompassing Data Fusion stages, Feature Engineering (generating metrics such as Request Rate and Abuse Score), implementation of the Isolation Forest algorithm, and the construction of an interactive Threat Intelligence Dashboard using Python (Dash/Plotly). The analysis results show that Isolation Forest is effective in isolating behavioral outliers, yielding a measurable Anomaly Score (0-100). The correlation of the internal anomaly score with external reputation scores (VirusTotal, AbuseIPDB) successfully validates the detected threats, ensuring that the flagged anomalies are valid cyber threats, not merely data noise. The resulting dashboard allows UPA-TIK Staff to prioritize incident investigation based on objectively quantified risk levels.
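
The scoring-and-correlation step the abstract describes, as an added example that is not the authors' implementation: a pure-Python Isolation Forest (no subsampling) scores per-IP behaviour on a 0-100 scale, then splits the flagged IPs by external abuse score. The feature set, sample traffic, abuse scores and both thresholds are constructed assumptions.

```python
import math
import random

# Constructed per-IP features: (requests/min, distinct paths, 4xx ratio).
TRAFFIC = {
    "192.0.2.10": (12, 6, 0.02), "192.0.2.11": (15, 8, 0.01),
    "192.0.2.12": (9, 5, 0.03), "192.0.2.13": (18, 9, 0.02),
    "192.0.2.14": (14, 7, 0.04), "192.0.2.15": (11, 6, 0.01),
    "192.0.2.16": (20, 10, 0.03), "192.0.2.17": (16, 8, 0.02),
    "192.0.2.18": (13, 7, 0.05), "192.0.2.19": (17, 9, 0.01),
    "198.51.100.7": (400, 250, 0.03),   # heavy but clean client
    "203.0.113.66": (900, 300, 0.85),   # heavy, error-prone client
}
# Constructed external abuse scores (0-100); IPs not listed count as 0.
ABUSE = {"203.0.113.66": 97, "192.0.2.14": 5}

def c(n):  # average path length of an unsuccessful BST search over n points
    if n <= 2:
        return float(max(n - 1, 0))
    return 2 * (math.log(n - 1) + 0.5772156649) - 2 * (n - 1) / n

def build(rows, depth, limit, rng):  # a leaf is the count of points it holds
    if depth >= limit or len(rows) <= 1:
        return len(rows)
    f = rng.randrange(len(rows[0]))           # random feature
    lo, hi = min(r[f] for r in rows), max(r[f] for r in rows)
    if lo == hi:
        return len(rows)
    s = rng.uniform(lo, hi)                   # random split value
    return (f, s, build([r for r in rows if r[f] < s], depth + 1, limit, rng),
            build([r for r in rows if r[f] >= s], depth + 1, limit, rng))

def path_length(x, node, depth=0):  # splits needed to isolate x in one tree
    while isinstance(node, tuple):
        f, s, left, right = node
        node, depth = (left if x[f] < s else right), depth + 1
    return depth + c(node)

def anomaly_scores(data, trees=200, seed=7):  # 2^(-E[h]/c(n)) scaled to 0-100
    rng, rows = random.Random(seed), list(data.values())
    limit = math.ceil(math.log2(len(rows)))
    forest = [build(rows, 0, limit, rng) for _ in range(trees)]
    return {ip: round(100 * 2 ** (-sum(path_length(x, t) for t in forest)
                                  / trees / c(len(rows))), 1)
            for ip, x in data.items()}

def triage(scores, abuse, min_anomaly=60, min_abuse=50):
    hot = [ip for ip, s in scores.items() if s >= min_anomaly]
    return ([ip for ip in hot if abuse.get(ip, 0) >= min_abuse],   # confirmed
            [ip for ip in hot if abuse.get(ip, 0) < min_abuse])    # review only
```

`triage(anomaly_scores(TRAFFIC), ABUSE)` returns the reputation-confirmed IPs first and the behaviour-only outliers second, which is the split an analyst would use to order investigations.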

Published
2026-02-04
How to Cite
Tesalonika, S., Kumajas, S., & Kainde, Q. (2026). Correlated Web Traffic Anomaly Detection for Threat Intelligence Using Isolation Forest. Journal La Multiapp, 7(1), 126-137. https://doi.org/10.37899/journallamultiapp.v7i1.2931