ANALISIS NETWORK SECURITY SNORT METODE INTRUSION DETECTION SYSTEM UNTUK OPTIMASI KEAMANAN JARINGAN KOMPUTER

Jursima ◽  
2018 ◽  
Vol 6 (1) ◽  
pp. 1
Author(s):  
Parningotan Panggabean
Keyword(s):  
Network Security ◽  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Detection System ◽  
Denial Of Service

<p><em>Perkembangan teknologi informasi, khususnya jaringan komputer memungkinkan terjadinya pertukaran informasi yang mudah, cepat dan semakin kompleks. Keamanan jaringan komputer harus diperhatikan guna menjaga validitas dan integritas data serta informasi yang berada dalam jaringan tersebut. Masalah yang dihadapi adalah adanya Log Bug yang didapatkan pada komputer server Dinas Lingkungan Hidup Kota Batam yang diindikasikan adanya serangan Denial of Service (DoS) pada komputer tersebut. Berdasarkan masalah diatas maka penulis mencoba membuat sebuah penelitian yang berjudul “Analisis Network Security Snort menggunakan metode  Intrusion Detection System (IDS) untuk Optimasi  Keamanan Jaringan Komputer” dan diharapkan dapat mendeteksi serangan Denial of Service (DoS). Intrusion Detection System (IDS)  adalah sebuah tool, metode, sumber daya yang memberikan bantuan untuk melakukan identifikasi, memberikan laporan terhadap aktivitas jaringan komputer. Aplikasi yang digunakan untuk mendeteksi serangan menggunakan Snort. Snort dapat mendeteksi serangan DoS. Serangan DoS dilakukan dengan menggunakan aplikasi Loic.</em></p>

scholarly journals Analisis Perbandingan Kinerja Snort Dan Suricata Sebagai Intrusion Detection System Dalam Mendeteksi Serangan Syn Flood Pada Web Server Apache

Respati ◽  
2020 ◽  
Vol 15 (2) ◽  
pp. 6
Author(s):  
Lukman Lukman ◽  
Melati Suci
Keyword(s):  
Network Security ◽  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Detection System ◽  
Denial Of Service ◽  
Web Server ◽  
Attack Detection ◽  
Web Servers ◽  
Server Software ◽  
The Web

INTISARIKeamanan jaringan pada web server merupakan bagian yang paling penting untuk menjamin integritas dan layanan bagi pengguna. Web server sering kali menjadi target serangan yang mengakibatkan kerusakan data. Salah satunya serangan SYN Flood merupakan jenis serangan Denial of Service (DOS) yang memberikan permintaan SYN secara besar-besaran kepada web server.Untuk memperkuat keamanan jaringan web server penerapan Intrusion Detection System (IDS) digunakan untuk mendeteksi serangan, memantau dan menganalisa serangan pada web server. Software IDS yang sering digunakan yaitu IDS Snort dan IDS Suricata yang memiliki kelebihan dan kekurangannya masing-masing. Tujuan penelitian kali ini untuk membandingkan kedua IDS menggunakan sistem operasi linux dengan pengujian serangan menggunakan SYN Flood yang akan menyerang web server kemudian IDS Snort dan Suricata yang telah terpasang pada web server akan memberikan peringatan jika terjadi serangan. Dalam menentukan hasil perbandingan, digunakan parameter-parameter yang akan menjadi acuan yaitu jumlah serangan yang terdeteksi dan efektivitas deteksi serangan dari kedua IDS tersebut.Kata kunci: Keamanan jaringan, Web Server, IDS, SYN Flood, Snort, Suricata. ABSTRACTNetwork security on the web server is the most important part to guarantee the integrity and service for users. Web servers are often the target of attacks that result in data damage. One of them is the SYN Flood attack which is a type of Denial of Service (DOS) attack that gives a massive SYN request to the web server.To strengthen web server network security, the application of Intrusion Detection System (IDS) is used to detect attacks, monitor and analyze attacks on web servers. IDS software that is often used is IDS Snort and IDS Suricata which have their respective advantages and disadvantages.The purpose of this study is to compare the two IDS using the Linux operating system with testing the attack using SYN Flood which will attack the web server then IDS Snort and Suricata that have been installed on the web server will give a warning if an attack occurs. In determining the results of the comparison, the parameters used will be the reference, namely the number of attacks detected and the effectiveness of attack detection from the two IDS.Keywords: Network Security, Web Server, IDS, SYN Flood, Snort, Suricata.

scholarly journals Intrusion Detection Based on Big Data Fuzzy Analytics

2021 ◽  
Author(s):  
Farah Jemili ◽  
Hajer Bouras
Keyword(s):  
Big Data ◽  
Network Security ◽  
Intrusion Detection ◽  
Intrusion Detection System ◽  
High Performance ◽  
Detection System ◽  
Training Dataset ◽  
False Alarms ◽  
Massive Datasets ◽  
Detection Rates

In today’s world, Intrusion Detection System (IDS) is one of the significant tools used to the improvement of network security, by detecting attacks or abnormal data accesses. Most of existing IDS have many disadvantages such as high false alarm rates and low detection rates. For the IDS, dealing with distributed and massive data constitutes a challenge. Besides, dealing with imprecise data is another challenge. This paper proposes an Intrusion Detection System based on big data fuzzy analytics; Fuzzy C-Means (FCM) method is used to cluster and classify the pre-processed training dataset. The CTU-13 and the UNSW-NB15 are used as distributed and massive datasets to prove the feasibility of the method. The proposed system shows high performance in terms of accuracy, precision, detection rates, and false alarms.

scholarly journals Scrutinizing Attacks and Evaluating Performance Appraisal Parameters via Feature Selection in Intrusion Detection System

2021 ◽  
Author(s):  
Navroop Kaur ◽  
Meenakshi Bansal ◽  
Sukhwinder Singh S
Keyword(s):  
Feature Selection ◽  
Performance Evaluation ◽  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Detection System ◽  
Denial Of Service ◽  
Cyber Attacks ◽  
Support Vector ◽  
K Nearest Neighbor ◽  
Evaluation Parameters

Abstract In modern times the firewall and antivirus packages are not good enough to protect the organization from numerous cyber attacks. Computer IDS (Intrusion Detection System) is a crucial aspect that contributes to the success of an organization. IDS is a software application responsible for scanning organization networks for suspicious activities and policy rupturing. IDS ensures the secure and reliable functioning of the network within an organization. IDS underwent huge transformations since its origin to cope up with the advancing computer crimes. The primary motive of IDS has been to augment the competence of detecting the attacks without endangering the performance of the network. The research paper elaborates on different types and different functions performed by the IDS. The NSL KDD dataset has been considered for training and testing. The seven prominent classifiers LR (Logistic Regression), NB (Naïve Bayes), DT (Decision Tree), AB (AdaBoost), RF (Random Forest), kNN (k Nearest Neighbor), and SVM (Support Vector Machine) have been studied along with their pros and cons and the feature selection have been imposed to enhance the reading of performance evaluation parameters (Accuracy, Precision, Recall, and F1Score). The paper elaborates a detailed flowchart and algorithm depicting the procedure to perform feature selection using XGB (Extreme Gradient Booster) for four categories of attacks: DoS (Denial of Service), Probe, R2L (Remote to Local Attack), and U2R (User to Root Attack). The selected features have been ranked as per their occurrence. The implementation have been conducted at five different ratios of 60-40%, 70-30%, 90-10%, 50-50%, and 80-20%. Different classifiers scored best for different performance evaluation parameters at different ratios. NB scored with the best Accuracy and Recall values. DT and RF consistently performed with high accuracy. NB, SVM, and kNN achieved good F1Score.

scholarly journals ARIES: A Novel Multivariate Intrusion Detection System for Smart Grid

Sensors ◽  
2020 ◽  
Vol 20 (18) ◽  
pp. 5305
Author(s):  
Panagiotis Radoglou Grammatikis ◽  
Panagiotis Sarigiannidis ◽  
Georgios Efstathopoulos ◽  
Emmanouil Panaousis
Keyword(s):  
Intrusion Detection ◽  
Smart Grid ◽  
Intrusion Detection System ◽  
Network Flow ◽  
Network Flows ◽  
Detection System ◽  
Random Noise ◽  
Denial Of Service ◽  
The Third ◽  
Operational Data

The advent of the Smart Grid (SG) raises severe cybersecurity risks that can lead to devastating consequences. In this paper, we present a novel anomaly-based Intrusion Detection System (IDS), called ARIES (smArt gRid Intrusion dEtection System), which is capable of protecting efficiently SG communications. ARIES combines three detection layers that are devoted to recognising possible cyberattacks and anomalies against (a) network flows, (b) Modbus/Transmission Control Protocol (TCP) packets and (c) operational data. Each detection layer relies on a Machine Learning (ML) model trained using data originating from a power plant. In particular, the first layer (network flow-based detection) performs a supervised multiclass classification, recognising Denial of Service (DoS), brute force attacks, port scanning attacks and bots. The second layer (packet-based detection) detects possible anomalies related to the Modbus packets, while the third layer (operational data based detection) monitors and identifies anomalies upon operational data (i.e., time series electricity measurements). By emphasising on the third layer, the ARIES Generative Adversarial Network (ARIES GAN) with novel error minimisation functions was developed, considering mainly the reconstruction difference. Moreover, a novel reformed conditional input was suggested, consisting of random noise and the signal features at any given time instance. Based on the evaluation analysis, the proposed GAN network overcomes the efficacy of conventional ML methods in terms of Accuracy and the F1 score.

Application of Deep Learning Technique in an Intrusion Detection System

2020 ◽  
Vol 19 (02) ◽  
pp. 2050016
Author(s):  
Shideh Saraeian ◽  
Mahya Mohammadi Golchi
Keyword(s):  
Deep Learning ◽  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Visual Analysis ◽  
Detection System ◽  
Denial Of Service ◽  
Attack Detection ◽  
Hybrid Network ◽  
Machine Learning Techniques ◽  
Learning Technique

Comprehensive development of computer networks causes the increment of Distributed Denial of Service (DDoS) attacks. These types of attacks can easily restrict communication and computing. Among all the previous researches, the accuracy of the attack detection has not been properly addressed. In this study, deep learning technique is used in a hybrid network-based Intrusion Detection System (IDS) to detect intrusion on network. The performance of the proposed technique is evaluated on the NSL-KDD and ISCXIDS 2012 datasets. We performed traffic visual analysis using Wireshark tool and did some experimentations to prove the superiority of the proposed method. The results have shown that our proposed method achieved higher accuracy in comparison with other useful machine learning techniques.

Campus Network Security Program Based on Snort Network Security Intrusion Detection System

2012 ◽  
Vol 433-440 ◽  
pp. 3235-3240
Author(s):  
Ling Jia
Keyword(s):  
Network Security ◽  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Detection System ◽  
Collocation Methods ◽  
Campus Network ◽  
Security Risks ◽  
Network Layer ◽  
Defense Strategies

This paper studies the security problems of campus network and summarizes the current on the current security risks and threats that campus network faces, focusing on analysis of attack-defense strategies on DOS network layer, proposing the security program of campus network which uses firewall as well as network security intrusion detection system snort. This paper analyzes the functional advantages of the program and presents in details the setup deployment and collocation methods of network security intrusion detection system based on snort in the campus network, and its application results are also summarized.

Sign in / Sign up

Export Citation Format

Share Document