On implementing a powerful intrusion prevention system focused on big data

The article is devoted to the problem of information security, namely the study of the characteristics of antivirus programs which are standardized in Ukraine. The study used statistical methods to analyze the characteristics of antivirus software and comparative methods of comparing the various types of such programs. Relying on researches in scientific literature, the main threats to information security in the field of information technology were analyzed. The emphasis is placed on the fact that antivirus software is the most effective protection against malicious software (malware). The basic methods of work of the antivirus – signature and heuristic – are described. The list of standardized in Ukraine antivirus programs is determined. The study was based on the quantitative and qualitative results which while testing had obtained by the independent testing laboratory AV-Comparatives (Austria), the independent Virus Bulletin (VB) laboratory for testing and certification in the field of security, the Center for antivirus protection information of the State Special Communication Service of Ukraine. The comparative analysis of the main characteristics of antivirus programs was carried out, namely: antivirus and anti-spyware; anti-phishing; anti-rootkit protection against exploits; Intrusion Prevention System; Real-time protection; parental control; host-based firewall; antispam; protection against network attacks; home network protection; anti-theft; password management.

Download Full-text

Perancangan Security Network Intrusion Prevention System Pada PDTI Universitas Islam Raden Rahmat Malang

EDUMATIC Jurnal Pendidikan Informatika ◽

10.29408/edumatic.v5i1.3278 ◽

2021 ◽

Vol 5 (1) ◽

pp. 60-69

Author(s):

Farid Wahyudi ◽

◽

Listanto Tri Utomo ◽

Keyword(s):

Network Security ◽

Computer Security ◽

Detection System ◽

Local Network ◽

Science System ◽

Intrusion Prevention ◽

Data Packets ◽

Network Intrusion ◽

Prevention System ◽

Intrusion Prevention System

Security is very main in computer networks, where many devices are connected to each other to interact and exchange data without limits. Network security is also a very important issue to prioritize, one of which is to use an intrusion prevention system. At PDTI UNIRA there are often network security problems, one of which is that during the test season, the server experiences many intrusion problems. The purpose of this research is to develop a social science system based on the analysis at PDTI of Raden Rahmat Islamic University Malang. This research method uses a computer security development approach, namely the Intrusion Prevention System (IPS), by combining firewall engineering methods and Intrusion-Detection System (IDS). The result of this research is a technology that can be used to prevent attacks that will enter the local network checking and recording all data packets and recognizing sensor packets, when the attack has been identified, IPS will deny access (block) and record (log) all data packets. identified. So IPS acts as a firewall that will allow and block combined with IDS that can detect packets in detail. With a network security system, the Unira PDTI server is safer and can avoid intrusion.

Download Full-text