scholarly journals Analisis Forensik Jaringan Studi Kasus Serangan SQL Injection pada Server Universitas Gadjah Mada

2013 ◽  
Vol 7 (1) ◽  
Author(s):  
Resi Utami Putri ◽  
Jazi Eko Istiyanto
Keyword(s):  
Intrusion Detection ◽  
Computer Security ◽  
Intrusion Detection System ◽  
Process Model ◽  
Detection System ◽  
Process Models ◽  
Sql Injection ◽  
Ip Address ◽  
Security Investigation ◽  
Automated Tools

AbstrakForensik jaringan merupakan ilmu keamanan komputer berkaitan dengan investigasi untuk menemukan sumber serangan pada jaringan berdasarkan bukti log, mengidentifikasi, menganalisis serta merekonstruksi ulang kejadian tersebut. Penelitian forensik jaringan dilakukan di Pusat Pelayanan Teknologi Informasi dan Komunikasi (PPTIK) Universitas Gadjah Mada.Metode yang digunakan adalah model proses forensik (The Forensic Process Model) sebuah model proses investigasi forensik digital, yang terdiri dari tahap pengkoleksian, pemeriksaan, analisis dan pelaporan. Penelitian dilakukan selama lima bulan dengan mengambil data dari Intrusion Detection System (IDS) Snort. Beberapa file log digabungkan menjadi satu file log, lalu data dibersihkan agar sesuai untuk penelitian.Berdasarkan hasil penelitian yang telah dilakukan, terdapat 68 IP address  yang melakukan tindakan illegal SQL Injection pada server www.ugm.ac.id. Kebanyakan penyerang menggunakan tools SQL Injection yaitu Havij dan SQLMap sebagai tool otomatis untuk memanfaatkan celah keamanan pada suatu website. Selain itu, ada yang menggunakan skrip Python yaitu berasal dari benua Eropa yaitu di Romania. Kata kunci—forensik jaringan, model proses forensik, SQL injection AbstractNetwork forensic is a computer security investigation to find the sources of the attacks on the network by examining log evidences, identifying, analyzing and reconstructing the incidents. This research has been conducted at The Center of Information System and Communication Service, Gadjah Mada University.The method that used was The Forensic Process Model, a model of the digital investigation process, consisted of collection, examination, analysis, and reporting. This research has been conducted over five months by retrieving data that was collected from Snort Intrusion Detection System (IDS). Some log files were retrieved and merged into a single log file, and then the data cleaned to fit for research.Based on the research, there are 68 IP address was that did illegal action, SQL injection, on server www.ugm.ac.id. Most of attackers using Havij and SQLmap (automated tools to exploit vulnerabilities on a website). Beside that, there was also Python script that was derived from the continent of Europe in Romania. Keywords— Network Forensics, The Forensic Process Models, SQL Injection

DECISION MAKING FOR NETWORK HEALTH ASSESSMENT IN AN INTELLIGENT INTRUSION DETECTION SYSTEM ARCHITECTURE

2004 ◽  
Vol 03 (02) ◽  
pp. 281-306 ◽  
Author(s):  
AMBAREEN SIRAJ ◽  
RAYFORD B. VAUGHN ◽  
SUSAN M. BRIDGES
Keyword(s):  
Intrusion Detection ◽  
Computer Security ◽  
Intrusion Detection System ◽  
Detection System ◽  
Health Assessment ◽  
Fuzzy Rule ◽  
Fuzzy Cognitive Maps ◽  
Causal Knowledge ◽  
Knowledge Reasoning ◽  
Decision Engine

This paper describes the use of artificial intelligence techniques in the creation of a network-based decision engine for decision support in an Intelligent Intrusion Detection System (IIDS). In order to assess overall network health, the decision engine fuses outputs from different intrusion detection sensors serving as "experts" and then analyzes the integrated information to present an overall security view of the system for the security administrator. This paper reports on the workings of a decision engine that has been successfully embedded into the IIDS architecture being built at the Center for Computer Security Research, Mississippi State University. The decision engine uses Fuzzy Cognitive Maps (FCM)s and fuzzy rule-bases for causal knowledge acquisition and to support the causal knowledge reasoning process.

scholarly journals Deep Learning Approaches for Intrusion Detection

2021 ◽  
pp. 50-64
Author(s):  
Azar Abid Salih ◽  
Siddeeq Y. Ameen ◽  
Subhi R. M. Zeebaree ◽  
Mohammed A. M. Sadeeq ◽  
Shakir Fattah Kak ◽  
...  
Keyword(s):  
Deep Learning ◽  
Intrusion Detection ◽  
Computer Security ◽  
Intrusion Detection System ◽  
Detection System ◽  
Feature Learning ◽  
Detailed Comparison ◽  
Learning Approaches ◽  
Network Intrusion ◽  
Research Problems

Recently, computer networks faced a big challenge, which is that various malicious attacks are growing daily. Intrusion detection is one of the leading research problems in network and computer security. This paper investigates and presents Deep Learning (DL) techniques for improving the Intrusion Detection System (IDS). Moreover, it provides a detailed comparison with evaluating performance, deep learning algorithms for detecting attacks, feature learning, and datasets used to identify the advantages of employing in enhancing network intrusion detection.

scholarly journals Evaluation of DDoS attacks Detection in a New Intrusion Dataset Based on Classification Algorithms

2019 ◽  
Vol 1 (3) ◽  
pp. 49-55 ◽  
Author(s):  
Amer A. Abdulrahman ◽  
Mahmood K. Ibrahem
Keyword(s):  
Intrusion Detection ◽  
Computer Security ◽  
System Architecture ◽  
Intrusion Detection System ◽  
Network Flows ◽  
Detection System ◽  
Machine Learning Algorithms ◽  
Strategic Decision ◽  
Classification Algorithms ◽  
Ddos Attack

Intrusion detection system is an imperative role in increasing security and decreasing the harm of the computer security system and information system when using of network. It observes different events in a network or system to decide occurring an intrusion or not and it is used to make strategic decision, security purposes and analyzing directions. This paper describes host based intrusion detection system architecture for DDoS attack, which intelligently detects the intrusion periodically and dynamically by evaluating the intruder group respective to the present node with its neighbors. We analyze a dependable dataset named CICIDS 2017 that contains benign and DDoS attack network flows, which meets certifiable criteria and is openly accessible. It evaluates the performance of a complete arrangement of machine learning algorithms and network traffic features to indicate the best features for detecting the assured attack classes. Our goal is storing the address of destination IP that is utilized to detect an intruder by method of misuse detection.

scholarly journals PEMANFAATAN INTRUSION DETECTION SYSTEM (IDS) SEBAGAI OTOMATISASI KONFIGURASI FIREWALL BERBASIS WEB SERVICE MENGGUNAKAN ARSITEKTUR REPRESENTATIONAL STATE TRANSFER (REST)

Compiler ◽  
2013 ◽  
Vol 2 (2) ◽  
Author(s):  
Demmy Nanda Awangga ◽  
Haruno Sajati ◽  
Yenni Astuti
Keyword(s):  
Intrusion Detection ◽  
Web Service ◽  
Intrusion Detection System ◽  
Computer Network ◽  
Detection System ◽  
Ip Address ◽  
Final Project ◽  
Representational State Transfer ◽  
State Transfer ◽  
Representational State

Many things can destabilize a computer network connections, both with regard to hardware and software. Therefore, we need a technique for network security, one of them is firewall. The problems that arise in this final project is to build a linux based firewall automation application via web service by using REST (Representational State Transfer) architecture and IDS (Intrusion Detection System). The system buid firewall rules using linux operating system with the help o f 2 pieces o f IDS to detect theactivities of traffic data between the intruder and the server that will be recorded in the IDS database. The system will compare the server with IDS on the router to get the IP address o f the actual intruders, so it will be blocked by the firewall. The applications is used to prevents the ping o f death attack usingweb service and REST protocol so that firewall rules will run automatically.

Performance Analysis of Mail Clients on Low Cost Computer With ELGamal and RSA Using SNORT

2018 ◽  
pp. 332-353
Author(s):  
Sreerama Murthy Kattamuri ◽  
Vijayalakshmi Kakulapati ◽  
Pallam Setty S.
Keyword(s):  
Intrusion Detection ◽  
Low Power ◽  
Intrusion Detection System ◽  
Detection System ◽  
Low Cost ◽  
Raspberry Pi ◽  
Ip Address ◽  
Intrusion Prevention ◽  
Plain Text ◽  
Intrusion Prevention System

An intrusion detection system (IDS) focuses on determining malicious tasks by verifying network traffic and informing the network administrator for restricting the user or source or source IP address from accessing the network. SNORT is an open source intrusion detection system (IDS) and SNORT also acts as an intrusion prevention system (IPS) for monitoring and prevention of security attacks on networks. The authors applied encryption for text files by using cryptographic algorithms like Elgamal and RSA. This chapter tested the performance of mail clients in low cost, low power computer Raspberry Pi, and verified that SNORT is efficient for both algorithms. Within low cost, low power computer, they observed that as the size of the file increases, the run time is constant for compressed data; whereas in plain text, it changed significantly.

Types of Threats and Appropriate Countermeasures for Internet Communications

2021 ◽  
Vol 10 (1) ◽  
pp. 27-37
Author(s):  
Irina-Bristena BACÎŞ
Keyword(s):  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Detection System ◽  
Configuration Management ◽  
Identity Theft ◽  
Security Threats ◽  
Security Measures ◽  
Protection Measures ◽  
Ip Address ◽  
Network Flooding

Threats can translate into various types of attacks an intruder can take on entities in a network: flooding the target with protocol messages, smurfing (targeted broadcasting of an ICMP protocol-based messaging protocol), distributed attacks that lead to blocking the service for legitimate users, IP address theft and flooding targets with unsolicited emails, identity theft, or fraudulent routing. Against these threats, a variety of security measures can be implemented, such as: configuration management, firewall installation, intrusion detection system installation. Used separately or together, these protection measures can eliminate or even minimize the probability of materializing security threats and preventing attacks on the security features of a system.

Development and Design of Intelligent Intrusion Detection System Based on Data Mining

2014 ◽  
Vol 602-605 ◽  
pp. 1526-1529
Author(s):  
Hai Yan Chen
Keyword(s):  
Data Mining ◽  
Network Security ◽  
Intrusion Detection ◽  
Computer Security ◽  
Intrusion Detection System ◽  
Social Life ◽  
Detection System ◽  
Intelligent Agent ◽  
Security System ◽  
Security Problem

With the popularization and development of Internet, the network has penetrated into every corner of social life. Network brings people convenient but at the same time it also brings a series of safety problems. Intrusion detection system is an important part of network security system. Computer security problem is increasingly prominent, which puts forward higher requirements on intrusion detection system. In this paper, the application of data mining and intelligent Agent detection in the intrusion detection system is researched.

Sign in / Sign up

Export Citation Format

Share Document