Image of Analisis Kemampuan Zeek dan Suricata Sebagai Host-Based Intrusion Detection System (HIDS) Terhadap Serangan Denial of Service (DoS) pada Jaringan
Bookmark Share

Text

Analisis Kemampuan Zeek dan Suricata Sebagai Host-Based Intrusion Detection System (HIDS) Terhadap Serangan Denial of Service (DoS) pada Jaringan

Abstrak:
Jaringan internet saat ini rentan terhadap berbagai ancaman, khususnya serangan Denial of Service (DoS) yang bertujuan menghentikan layanan dan koneksi jaringan. Untuk menangani ancaman tersebut, Sistem Deteksi dan Pencegahan Intrusi Intrusion Detection System (IDS) diimplementasikan sebagai langkah proaktif dalam identifikasi dan pencegahan serangan sebelum merugikan sistem. Penelitian ini bertujuan untuk mengevaaluasi efektivitas dua perangkat lunak open-source IDS, yaitu Zeek dan Suricata, dalam mendeteksi dan merespons serangan yang terjadi. Serangan jenis UDP flood, TCP flood, dan HTTP flood dijalankan dengan metodologi NDLC (Network Development Life Cycle). Setelah simulasi, evaluasi dilakukan dengan mengukur efektivitas kedua alat dalam mendeteksi dan mencegah serangan menggunakan metode VEA-bility. Hasil penelitian menunjukkan bahwa, berdasarkan analisis metrik VEA-bility, Suricata memiliki kinerja yang lebih baik karena mendapatkan score VEA-bility sebesar 3.45 dalam mendeteksi dan menangani serangan dibandingkan dengan Zeek yang mendapatkan nilai sebesar 2.3.
Abstract:
Networks face threats like the Denial of Service (DoS) attack, which disrupt services and render networks inaccessible. These attacks overwhelm targets with excessive traffic or send detrimental information, causing system failures. To combat such threats, the Intrusion Detection System (IDS) is deployed. Employing the Network Detection Life Cycle (NDLC) methodology, IDS works to safeguard network security by identifying potential threats and attacks. By scanning user networks, the IDS pinpoints vulnerabilities, alerting administrators and initiating preventive measures, such as shutting vulnerable access points. This research subjected networks to UDP, TCP, and HTTP flood attacks, followed by an effectiveness evaluation of two open-source IPS: Zeek and Suricata. Using the VEA-ability method, security metrics were derived from dimensions of vulnerability, exploitability, and attackability, presented as scores ranging from 0 to 10. The results indicate that Suricata outperforms Zeek in system security viability.

Availability

No copy data

Detail Information
Series Title
--
Call Number
2023 PRA a
Publisher
Bogor : Politeknik Siber dan Sandi Negara.,
Collation
xi, 42 halaman
Language
Indonesia
ISBN/ISSN
--
Classification
Rekayasa Keamanan Siber
Content Type
-
Media Type
-
Carrier Type
-
Edition
--
Subject(s)
Zeek
Suricata
Denial of Service
Intrusion Detection System (IDS)
VEA-bility
Specific Detail Info
-
Statement of Responsibility
Other version/related

No other version available

File Attachment
No Data
Comments
You must be logged in to post a comment