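Pramudika Afriza Fahmi (2024) ANALISIS KOMPARASI KINERJA IBM QRADAR DAN SNORT UNTUK MELAKUKAN NETWORK FORENSIC TERHADAP SERANGAN SIBER [Comparative Performance Analysis of IBM QRadar and Snort for Conducting Network Forensics on Cyber Attacks]. S1 thesis, Universitas Pendidikan Indonesia.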
Abstract
Weak computer network security can make it easier for hackers to exploit important data. BSSN revealed in its annual report that in 2023, Indonesia will experience various cyberattack events. Security Information and Event Management (SIEM) is among the systems that can detect threats and cyberattacks on a network. Detecting cyberattacks requires forensic methods, namely network forensics, to identify the type of attack. IBM QRadar Community Edition (CE) and Snort are tools from SIEM products that can detect cyber threats and attacks. In this research, log or network activity configuration is carried out, together with an analysis of the performance of QRadar CE and Snort in detecting Port Scanning, Metasploit, and Distributed / Denial of Service (D/DoS) attacks. This research uses 4 (four) stages of network forensics, namely Preparation, Detection, Incident Response, and Collection, as a reference for comparing the tools. The results of the comparison show that IBM QRadar is more effective in configuring rules, attack speed, and collecting attack data packets.
Item Type: | Thesis (S1) |
---|---|
Additional Information: | https://scholar.google.com/citations hl=id&user=F_0j6EkAAAAJ&scilu=&scisig=AMD79ooAAAAAX-QUQS4bRfMONeRYwJh6QZ47erjpcBaX&gmla=AJsN-F6zRViyzZBL7fTaksKpS6t4dlUrmffSo1myQkFMpRYsaYtb2u7xZRJEKFNRyawlOBaou_0yFPz3keINB2Dftxd1OEGO0JH0RUwH9H8lQsu7uRZsJaus3N_MR0Eo8ArCGC7iqkzt&sciund=15772516295415261621 Supervisors' SINTA IDs: Galura Muhammad Suranegara: 6703764; Hafiyyan Putra Pratama: 6681148 |
Uncontrolled Keywords: | Detection Analysis, Cyber, QRadar, Snort, Network Forensics |
Subjects: | T Technology > T Technology (General) |
Divisions: | UPI Kampus Purwakarta > S1 Sistem Telekomunikasi |
Depositing User: | Pramudika Afriza Fahmi |
Date Deposited: | 02 Sep 2024 07:15 |
Last Modified: | 02 Sep 2024 07:15 |
URI: | http://repository.upi.edu/id/eprint/121711 |