Analysis Performance Intrusion Detection System in Detecting Cyber-Attack on Apache Web Server

  • Doddy Teguh Yuwono Universitas Ahmad Dahlan
Keywords: Analyze, Detecting, Network, Security, Snort

Abstract

Network security on the webserver is the most important part to ensure integrity and service for users. Web servers are often the target of attacks that result in data corruption. One of them is the SYN Flood attack, which is a type of Denial of Service (DOS) attack that provides massive SYN requests to the webserver. This research is to analyze attack indications and maintain system security from the threat of data flooding. One way to maintain a computer network security system is to use Snort as an IDS (Intrusion Detection System). Snort is software that functions to detect intrusions. Data packets passing through network traffic will be analyzed first. Data packets detected as intrusions will trigger an alert which is then stored in a log file. That way, network administrators can find out intrusions that occur on computer networks. The method of testing flood attack data is using the penetration testing method. The three test samples are data flooding attacks against ICMP, UDP, and TCP protocols. The results obtained when testing flooding attack data where detection sensors can detect all attacks and all attack samples, while the warnings generated by Snort are shown in a web form which can be seen in the detail of each attack that occurred.

Downloads

Download data is not yet available.

References

U. L. Yusuf Abdulloh, Joko Triyono, “Pengaruh Penempatan Snort Terhadap Keamanan Jaringan (Studi Kasus Laboratorium Vi Jaringan Kampus 3 Ist Akprind Yogyakarta),” Jarkom, vol. 8, no. 1, pp. 10–19, 2020.

Y. Arta, A. Syukur, and R. Kharisma, “Simulasi Implementasi Intrusion Prevention System (IPS) Pada Router Mikrotik,” It J. Res. Dev., vol. 3, no. 1, pp. 104–114, 2018, doi: 10.25299/itjrd.2018.vol3(1).1346.

A. L. Ginting, J. Napitupulu, and J. Jamaluddin, “Sistem Monitoring Pendeteksian Penyusup Menggunakan Snort pada Jaringan Komputer Fakultas Ekonomi Universitas Methodist Indonesia,” pp. 83–87, 2018, doi: 10.31227/osf.io/w5gt7.

Y. Arta, “Implementasi Intrusion Detection System Pada Rule Based System Menggunakan Sniffer Mode Pada Jaringan Lokal,” It J. Res. Dev., vol. 2, no. 1, pp. 43–50, 2017, doi: 10.25299/itjrd.2017.vol2(1).979.

Firmansyah and M. Wahyudi, “Analisis Performa Access Control List menggunakan Metode Firewall Policy Base Performance Analysis of the Access Control List Using the Firewall Policy-Based Method Article Info ABSTRAK,” Matrik J. Manajemen, Tek. Inform. dan Rekayasa Komput., vol. 20, no. 2, pp. 283–292, 2021, doi: 10.30812/matrik.v20i1.1068.

A. H. Hambali and S. Nurmiati, “Implementasi Intrusion Detection System (IDS) Pada Keamanan PC Server Terhadap Serangan Flooding Data,” Sainstech J. Penelit. dan Pengkaj. Sains dan Teknol., vol. 28, no. 1, pp. 35–43, 2018, doi: 10.37277/stch.v28i1.267.

V. Prisscilya and T. Santoso, “Implementasi Keamanan Jaringan Menggunakan Intrusion,” J. Inf. Technol., pp. 1–8, 2021.

J. D. Santoso, “Keamanan Jaringan Nirkabel Menggunakan Wireless Intrusion Detection System,” Infos, vol. 1, no. 3, pp. 44–50, 2019.

E. Stephani, Fitri Nova, and Ervan Asri, “Implementasi dan Analisa Keamanan Jaringan IDS (Intrusion Detection System) Menggunakan Suricata Pada Web Server,” JITSI J. Ilm. Teknol. Sist. Inf., vol. 1, no. 2, pp. 67–74, 2020, doi: 10.30630/jitsi.1.2.10.

M. Hanindia and P. Swari, “Intrusion Detection System ( Ids ) Menggunakan Raspberry Pi 3 Berbasis Snort Studi Kasus : Stmik Stikom Indonesia,” J. SCAN, vol. XV, pp. 2–7, 2020.

W. Yunanri and Y. B. Fitriana, “Analisis Network Security Komputer Tingkat Desa Menggunakan Metode Security Policy Development Life Cycle ( SPDLC ),” vol. 1, no. 2, pp. 11–21, 2021.

A. Aminanto and W. Sulistyo, “Simulasi Sistem Keamanan Jaringan Komputer Berbasis IPS Snort dan Honeypot Artilery,” Aiti, vol. 16, no. 2, pp. 135–150, 2020, doi: 10.24246/aiti.v16i2.135-150.

M. Rahouti, K. Xiong, N. Ghani, and F. Shaikh, “SYNGuard: Dynamic threshold-based SYN flood attack detection and mitigation in software-defined networks,” IET Networks, vol. 10, no. 2, pp. 76–87, 2021, doi: 10.1049/ntw2.12009.

B. Fachri and F. H. Harahap, “Simulasi Penggunaan Intrusion Detection System (IDS) Sebagai Keamanan Jaringan dan Komputer,” J. Media Inform. Budidarma, vol. 4, no. 2, p. 413, 2020, doi: 10.30865/mib.v4i2.2037.

Y. N. Soe, Y. Feng, P. I. Santosa, R. Hartanto, and K. Sakurai, “Machine learning-based IoT- botnet attack detection with sequential architecture,” Sensors (Switzerland), vol. 20, no. 16, pp. 1–15, 2020, doi: 10.3390/s20164372.

Published
2022-02-22
How to Cite
Yuwono, D. T. (2022). Analysis Performance Intrusion Detection System in Detecting Cyber-Attack on Apache Web Server. IT Journal Research and Development, 6(2), 169 - 178. https://doi.org/10.25299/itjrd.2022.7853
Section
Articles
Abstract viewed = 176 times
PDF downloaded = 143 times