DDoS Network Forensics Using the ADDIE Method and HIDS on a Proprietary Operating System

  • Sri Suharti Universitas Ahmad Dahlan
  • Anton Yudhana Universitas Ahmad Dahlan, Jl. Prof. DR. Soepomo Sh, Warungboto, Kec. Umbulharjo, Kota Yogyakarta, Daerah Istimewa Yogyakarta
  • Imam Riadi Universitas Ahmad Dahlan, Jl. Prof. DR. Soepomo Sh, Warungboto, Kec. Umbulharjo, Kota Yogyakarta, Daerah Istimewa Yogyakarta
Keywords: DDoS, Firewall, HIDS, Operating System, Snort

Abstract

Network forensics is essential for maintaining computer network performance against Distributed Denial of Service (DDoS) attacks. This study aims to obtain digital evidence of the accuracy of DDoS tools, the success of the HIDS method, and the implementation of a firewall at the network layer in stopping DDoS. The research method applies ADDIE (Analyze, Design, Develop, Implement and Evaluate) and the Host-Based Intrusion Detection System (HIDS) Snort in local and wide area network simulations. The test results show that Slowloris is the DDoS that most cripples the IIS web server on a proprietary operating system, with a server performance decrease of 78%, a network traffic increase accuracy of 92.84%, and 150 alerts. The firewall implementation at the network layer achieved a success rate of 98.91% in stopping DDoS. This shows that the ADDIE method was successfully applied in the study, and that the server-crippling DDoS was successfully detected by the HIDS method and successfully stopped by the firewall on the proprietary operating system.

Published
2022-07-31
How to Cite
suharti, sri, Yudhana, A., & Riadi, I. (2022). Forensik Jaringan DDoS menggunakan Metode ADDIE dan HIDS pada Sistem Operasi Proprietary. MATRIK : Jurnal Manajemen, Teknik Informatika Dan Rekayasa Komputer, 21(3), 567-582. https://doi.org/10.30812/matrik.v21i3.1732
Section
Articles