Penerapan Keamanan Jaringan Menggunakan Zeek Sebagai Intrusion Detection System (IDS)
Total View This Week0
Total View This Week0
Institusion
Institut Teknologi Telkom Purwokerto
Author
Hindung, Pramu Andono
Subject
T Technology (General)
Datestamp
2021-12-07 04:32:58
Abstract :
The development of information technology today, computer network security is still one of the important systems to maintain the integrity of data and information in a computer network. Problems that occur in computer networks are Denial of Service (DoS) attacks where DoS attacks can cause damage to the infrastructure of a computer network. Therefore, a network security system is needed to prevent attacks. This research was conducted to detect attacks from DoS with the type of protocol Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) using the Intrusion Detection System (IDS) method. TCP attacks can flood network traffic used flooding data large amounts of IP addresses, whereas UDP attacks can flood ports on hosts. Using the IDS method can catch suspicious network traffic activity because the IDS will give a warning to the system or network manager so that it can detect a DoS attack. In DoS attacks there is a decrease in Quality of Service (QoS) causing the network to be unable to provide services to network traffic propely. Therefore, the results of the Quality of Service that will be taken in this study are throughput, delay, packet loss, CPU usage and memory usage. In the QoS parameter, the UDP protocol sends data packets faster than the TCP protocol. In the CPU parameter, it generates a CPU increase for each TCP and UDP DoS attack test. In the Zeek application, the results obtained can capture the DoS attack activity of the TCP and UDP protocols. Keywords: Computer network security, Denial of Service, Intrusion Detection System, Quality of Service.
The development of information technology today, computer network security is still one of the important systems to maintain the integrity of data and information in a computer network. Problems that occur in computer networks are Denial of Service (DoS) attacks where DoS attacks can cause damage to the infrastructure of a computer network. Therefore, a network security system is needed to prevent attacks. This research was conducted to detect attacks from DoS with the type of protocol Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) using the Intrusion Detection System (IDS) method. TCP attacks can flood network traffic used flooding data large amounts of IP addresses, whereas UDP attacks can flood ports on hosts. Using the IDS method can catch suspicious network traffic activity because the IDS will give a warning to the system or network manager so that it can detect a DoS attack. In DoS attacks there is a decrease in Quality of Service (QoS) causing the network to be unable to provide services to network traffic propely. Therefore, the results of the Quality of Service that will be taken in this study are throughput, delay, packet loss, CPU usage and memory usage. In the QoS parameter, the UDP protocol sends data packets faster than the TCP protocol. In the CPU parameter, it generates a CPU increase for each TCP and UDP DoS attack test. In the Zeek application, the results obtained can capture the DoS attack activity of the TCP and UDP protocols. Keywords: Computer network security, Denial of Service, Intrusion Detection System, Quality of Service.
Download
book
BibTex
Latex, Jabref
cloud_download
Original Resource
url resource Institution
