ANALISIS PERBANDINGAN PERFORMA INTRUSION DETECTION SYSTEM (IDS) DALAM MENDETEKSI SERANGAN PORT SCANNING DAN DISTRIBUTED DENIAL OF SERVICE (DDOS)

Farhan Maulana, - (2024) ANALISIS PERBANDINGAN PERFORMA INTRUSION DETECTION SYSTEM (IDS) DALAM MENDETEKSI SERANGAN PORT SCANNING DAN DISTRIBUTED DENIAL OF SERVICE (DDOS). S1 thesis, Universitas Pendidikan Indonesia.

Baca Full Text klik disini
[img] Text
S_SISTEL_1908952_Title.pdf
Download (498kB)
[img] Text
S_SISTEL_1908952_Chapter1.pdf
Download (238kB)
[img] Text
S_SISTEL_1908952_Chapter2.pdf
Restricted to Staf Perpustakaan
Download (430kB)
[img] Text
S_SISTEL_1908952_Chapter3.pdf
Download (418kB)
[img] Text
S_SISTEL_1908952_Chapter4.pdf
Restricted to Staf Perpustakaan
Download (334kB)
[img] Text
S_SISTEL_1908952_Chapter5.pdf
Download (152kB)
[img] Text
S_SISTEL_1908952_Appendix.pdf
Restricted to Staf Perpustakaan
Download (307kB)
Official URL: https://repository.upi.edu/

Abstract

Seiring berkembangnya teknologi dan semakin beragamnya peningkatan jumlah penyusupan ke jaringan, hampir setiap organisasi termasuk lembaga pemerintah dan perusahaan dipaksa untuk menerapkan Intrusion Detection System (IDS). Saat ini IDS menjadi salah satu alternatif untuk memantau lalu lintas jaringan dari intrusi. Penelitian ini membandingkan performa NIDS Snort, Suricata, dan Zeek terbaru dalam mendeteksi serangan Port Scanning (PS) dan Distributed Denial of Service (DDoS). Penelitian ini dilakukan dengan menggunakan lingkungan virtual dengan meninjau performa confusion matrix, kecepatan deteksi serangan, CPU usage, memory usage, dan network usage. Hasil pada penelitian ini menunjukan keberagaman disetiap parameter yang digunakan, setiap NIDS yang digunakan memiliki karakteristik dan keunggulannya masing-masing. Pada penelitian ini Suricata unggul dalam mendeteksi intrusi dengan tingkat TPR pada case PS 96,98% dan pada case DDoS 98,08%, kemudian dalam kecepatan deteksi, Zeek lebih unggul dengan kecepatan rata-rata pada case PS 105,21 DR/m dan pada case DDoS 491,96 DR/m, dan pada resource usage Snort unggul dibandingkan Suricata dan Zeek. Tinjauan kinerja yang komprehensif seperti ini belum pernah dipertimbangkan dalam penelitian sebelumnya. Analisis menyeluruh ini diharapkan dapat memberikan manfaat besar bagi para praktisi dan peneliti dalam pemilihan NIDS yang optimal dan sesuai kebutuhan mereka. ----- As technology develops and the number of intrusions into the network increases, almost every organization including government agencies and companies are forced to implement an Intrusion Detection System (IDS). Currently, IDS is one of the alternatives to monitor network traffic that occurs, as well as maintain network security to avoid unwanted and destructive attacks. This research compares the performance of the latest Snort, Suricata, and Zeek NIDS in detecting Port Scanning (PS) and Distributed Denial of Service (DDoS) attacks. This research was conducted using a virtual environment by reviewing confusion matrix performance, attack detection speed, CPU usage, memory usage, and network usage. The results in this study show diversity in each parameter used, each NIDS used has its own characteristics and advantages. In this study Suricata excels in detecting intrusions with a TPR rate in the PS case of 96.98% and in the DDoS case of 98.08%, then in detection speed Zeek is superior with an average speed in the PS case of 105.21 DR/m and in the DDoS case of 491.96 DR/m, and in resource usage Snort is superior to Suricata and Zeek. Such a comprehensive performance review has never been considered in previous research. This comprehensive analysis is expected to be of great benefit to practitioners and researchers in the selection of an optimal NIDS that suits their needs.

Item Type: Thesis (S1)
Additional Information: https://scholar.google.com/citations?hl=en&user=B21ubJwAAAAJ&view_op=list_works&gmla=AH70aAVi8_rCUNfe_YSwjUXvhHIlaon9gymEoyM-_z2sgTlOqFd6SxxC154dIsR8qrvUcCN7Y1jlpmK0-IzHHzO3ID ID SINTA Dosen Pembimbing: Galura Muhammad Suranegara : 6703764 Ahmad Fauzi : 6122861
Uncontrolled Keywords: NIDS, Snort, Suricata, Zeek, Cybersecurity.
Subjects: T Technology > T Technology (General)
Divisions: UPI Kampus Purwakarta > S1 Sistem Telekomunikasi
Depositing User: Farhan Maulana
Date Deposited: 17 Jan 2024 07:16
Last Modified: 17 Jan 2024 07:16
URI: http://repository.upi.edu/id/eprint/114466

Actions (login required)

View Item View Item