Development of Network Security Using A Suricata-Based Intrusion Prevention System Against Distributed Denial of Service
Abstract
Network security is essential amid today's rapid technological development, particularly to guard against attacks carried out by irresponsible parties. An intrusion prevention system is one of the methods used in a network security system. One attack that degrades server services is Distributed Denial of Service (DDoS). This research aims to develop a Suricata-based Intrusion Prevention System (IPS) for network security at the research location and to carry out tests of its ability to prevent attacks on that network. This research uses a waterfall model consisting of 5 stages: Analysis, Design, Implementation, Testing and Maintenance. The results show that the Suricata-based IPS was able to detect DDoS attacks (SYN Flood and Ping of Death) and block them by using the iptables firewall, so that network traffic remained stable. The Suricata-based IPS demonstrated strong performance in detecting DDoS attacks, with a 98% detection rate for SYN Flood attacks and a 95% detection rate for Ping of Death attacks. The system maintained an overall average detection rate of 96.5% across both attack types, while keeping false positives low, at 2% for SYN Flood and 3% for Ping of Death. This resulted in an overall false positive rate of 2.5%, indicating the IPS's effectiveness in accurately identifying threats with minimal erroneous alerts, thereby providing robust network security.
Full Text:
PDF (41-48)