Analisis Log Snort Menggunakan Network Forensic

Dewi, Ervin Kusuma

doi:10.29100/jipi.v2i2.370

Cited by 5 publications

(4 citation statements)

References 1 publication

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Suricata berbeda dari Snort namun Suricata memiliki dukungan untuk rules yang luas sehingga memiliki sintaks yang serupa dengan bahasa rules Snort [9]. Snort adalah tools IDS bersifat open source dan banyak digunakan hanya untuk mendeteksi jaringan dari aktivitas jahat seperti serangan cyber berupa DOS, Syn Flood dan Ping of Death [10]. Dalam penelitian ini dilakukan tiga jenis serangan yaitu SYN Flooding, Port Scanning dan Ping of Death.…”

Section: Pendahuluanunclassified

Penerapan Sistem Keamanan Jaringan Menggunakan Intrusion Prevention System Berbasis Suricata

Rivaldi,

Marpaung

2023

ISI

View full text Add to dashboard Cite

Abstrack -In an increasingly interconnected digital era, network security has become critically important. Network security involves efforts to protect data and computer systems from potential detrimental threats, such as cyber attacks, malware, and data theft. The presence of increasingly complex and evolving threats has raised awareness of the need for robust network security. Network security is of utmost importance in the rapidly evolving digital environment. With the growing threats to data and computer systems, strong network security is a necessity. One way to enhance it is by utilizing an Intrusion Prevention System (IPS). An IPS is a type of software and hardware network security device that monitors unwanted activities that can disrupt network connectivity. IPS can take immediate action to prevent such activities. Suricata is a highly effective intrusion detection and prevention software used to monitor network traffic in an effort to detect and prevent potentially harmful attacks. Suricata can be configured according to specific organizational needs, including the use of customized rules and additional features such as anomaly monitoring and integration with other security tools. Suricata IPS successfully detects and blocks incoming network attacks.

show abstract

Section: Pendahuluanunclassified

Penerapan Sistem Keamanan Jaringan Menggunakan Intrusion Prevention System Berbasis Suricata

Rivaldi,

Marpaung

2023

ISI

View full text Add to dashboard Cite

show abstract

“…Cara kerja snort mirip dengan TcpDump, tetapi fokus sebagai security packet sniffing. Fitur utama snort yang membedakan dengan TcpDump adalah payload inspection, dimana snort melakukan analisis payload rule set yang disediakan [7]. Kehandalan snort sebagai alat pendeteksi intrusi sangat bergantung pada pengaturan jaringan dan rules yang di buat dan diintegrasikan pada host maupun target serangan yang akan dilindungi.…”

Section: Pendahuluanunclassified

Intruder Detection Systems on Computer Networks Using Host Based Intrusion Detection System Techniques

Widodo

Riadi

2021

Bul. Il. Sar. TE.

View full text Add to dashboard Cite

The openness of access to information raises various problems, including maintaining the validity and integrity of data, so a network security system is needed that can deal with potential threats that can occur quickly and accurately by utilizing an IDS (intrusion detection system). One of the IDS tools that are often used is Snort which works in real-time to monitor and detect the ongoing network by providing warnings and information on potential threats in the form of DoS attacks. DoS attacks run to exhaust the packet path by requesting packets to a target in large and continuous ways which results in increased usage of CPU (central processing unit), memory, and ethernet or WiFi networks. The snort IDS implementation can help provide accurate information on network security that you want to monitor because every communication that takes place in a network, every event that occurs and potential attacks that can paralyze the internet network are monitored by snort.

show abstract

“…Pada sebuah sistem jaringan internet diperlukan sebuah sistem pendeteksi dengan metode (Intrusion Detection System) IDS, yang berguna untuk menjaga validitas dan integritas layanan bagi semua pengguna jaringan internet [4] [5]. Keseluruhan aktivitas yang dilakukan oleh pengguna layanan internet dapat di amati berdasarkan Log file yang sudah tersimpan pada sistem IDS yang digunakan.…”

Section: Pendahuluanunclassified

Analysis of Digital Evidence on Denial of Service (DoS) Attack Log Based

Fanani

Riadi

2020

Bul. Il. Sar. TE.

View full text Add to dashboard Cite

This research is carried out an analysis and investigation of digital log file data retrieval from DoS (Denial of Service) attacks, on internet networks that have been detected by IDS (Intrusion Detection System) and using Wireshark as Tools Analysis Network. The research phase begins with the design of an experimental scenario which is often carried out daily where users access the internet network. The next stage is an attack in the form of ping flood on the target computer connected to the internet network, the final stage of data retrieval which will be analyzed later. Testing research using UAT (User Acceptance Test), to prove that the analysis has been received by the user. The results of research conducted to obtain data in the form of an attacker's IP (Internet Protocol), target IP, protocol type, the port used and the time of the attack. In the UAT test results, the obtained value of 18% of students disagrees, 58% of students agree, and 24% of students strongly agree. This research has conducted an analysis of random data attacks using Wireshark applications received by users.

show abstract

Analisis Log Snort Menggunakan Network Forensic

Cited by 5 publications

References 1 publication

Penerapan Sistem Keamanan Jaringan Menggunakan Intrusion Prevention System Berbasis Suricata

Penerapan Sistem Keamanan Jaringan Menggunakan Intrusion Prevention System Berbasis Suricata

Intruder Detection Systems on Computer Networks Using Host Based Intrusion Detection System Techniques

Analysis of Digital Evidence on Denial of Service (DoS) Attack Log Based

Contact Info

Product

Resources

About