Analisis kemampuan zeek dan suricata sebagai host-based intrusion detection system (HIDS) terhadap serangan denial of service (DoS) pada jaringan

Search by :

ALL Author Subject ISBN/ISSN Advanced Search

Last search:

Text

Analisis kemampuan zeek dan suricata sebagai host-based intrusion detection system (HIDS) terhadap serangan denial of service (DoS) pada jaringan

Nanang Trianto - Personal Name; Jeckson Sidabutar - Personal Name; Tiyas Yulita - Personal Name; Pratiwi Armita - Personal Name;

Abstrak:
Jaringan internet saat ini rentan terhadap berbagai ancaman, khususnya serangan Denial of Service (DoS) yang bertujuan menghentikan layanan dan koneksi jaringan. Untuk menangani ancaman tersebut, Sistem Deteksi dan Pencegahan Intrusi Intrusion Detection System (IDS) diimplementasikan sebagai langkah proaktif dalam identifikasi dan pencegahan serangan sebelum merugikan sistem. Penelitian ini bertujuan untuk mengevaaluasi efektivitas dua perangkat lunak open-source IDS, yaitu Zeek dan Suricata, dalam mendeteksi dan merespons serangan yang terjadi. Serangan jenis UDP flood, TCP flood, dan HTTP flood dijalankan dengan metodologi NDLC (Network Development Life Cycle). Setelah simulasi, evaluasi dilakukan dengan mengukur efektivitas kedua alat dalam mendeteksi dan mencegah serangan menggunakan metode VEA-bility. Hasil penelitian menunjukkan bahwa, berdasarkan analisis metrik VEA-bility, Suricata memiliki kinerja yang lebih baik karena mendapatkan score VEA-bility sebesar 3.45 dalam mendeteksi dan menangani serangan dibandingkan dengan Zeek yang mendapatkan nilai sebesar 2.3.
Abstract:
Networks face threats like the Denial of Service (DoS) attack, which disrupt services and render networks inaccessible. These attacks overwhelm targets with excessive traffic or send detrimental information, causing system failures. To combat such threats, the Intrusion Detection System (IDS) is deployed. Employing the Network Detection Life Cycle (NDLC) methodology, IDS works to safeguard network security by identifying potential threats and attacks. By scanning user networks, the IDS pinpoints vulnerabilities, alerting administrators and initiating preventive measures, such as shutting vulnerable access points. This research subjected networks to UDP, TCP, and HTTP flood attacks, followed by an effectiveness evaluation of two open-source IPS: Zeek and Suricata. Using the VEA-ability method, security metrics were derived from dimensions of vulnerability, exploitability, and attackability, presented as scores ranging from 0 to 10. The results indicate that Suricata outperforms Zeek in system security viability.

Availability

Rekayasa Keamanan Siber 2023 PRA a

TA20230101744

Available - Read on Location

Rekayasa Keamanan Siber 2023 PRA a

TA20230101745

Available - Read on Location

Detail Information

Series Title: --
Call Number: 2023 PRA a
Publisher: Bogor : Politeknik Siber dan Sandi Negara., 2023
Collation: xi, 42 halaman
Language: Indonesia
ISBN/ISSN: --
Classification: Rekayasa Keamanan Siber
Content Type: -
Media Type: -
Carrier Type: -
Edition: --
Subject(s): Zeek
Suricata
Denial of Service
Intrusion Detection System (IDS)
VEA-bility
Specific Detail Info: --
Statement of Responsibility: Pratiwi Armita

Other version/related

No other version available

File Attachment

No Data

Comments

You must be logged in to post a comment