Implementation of Anti-DDoS Using an Intrusion Prevention System (IPS) against DDoS Attacks
DOI:
https://doi.org/10.32493/informatika.v8i2.33685
Keywords:
DDoS, IPS, Anti-DDoS, malware, XSS
Abstract
Distributed Denial of Service (DDoS) is a type of attack that can exhaust server resources. The attack degrades the server's quality of service to the point that authorized users cannot access it. Servers commonly targeted by this attack belong to companies in various sectors. PT Datacomm Diangraha provides a solution to this problem: as it will do for Company X, it implements an Intrusion Prevention System (IPS) device as Anti-DDoS for its customers according to each customer's needs. This paper tests an IPS device's ability to prevent DDoS attacks such as TCP Flood, UDP Flood, and ICMP Flood. The test is conducted by connecting the attacker and the victim to the IPS device on a local network. The analysis compares the victim's network traffic and throughput in three conditions: under attack with IPS protection, under attack without protection, and under normal traffic. Each experiment consisted of a one-minute attack. The results show that traffic under IPS protection is similar to normal traffic. In addition, tests of XSS malware prevention were conducted to show that the IPS can prevent attacks other than DDoS. The test results show that the IPS can prevent DDoS attacks with 100% accuracy. Throughput during a DDoS attack without IPS protection was 260978.9 - 1080732.32 bps. Throughput during a DDoS attack with IPS protection was 42.55 - 49.95 bps, which is close to the throughput during normal traffic, 43.43 bps.
License
Jurnal Informatika Universitas Pamulang is licensed under a Creative Commons Attribution-NonCommercial 4.0 International (CC BY-NC 4.0)