SIMULASI IDS BERBASIS SNORT UNTUK MENDETEKSI SERANGAN DOS PADA JARINGAN VIRTUAL MENGGUNAKAN SDN DENGAN FLOODLIGHT CONTROLLER

AULIA, RAHMAN GULTOM (2024) SIMULASI IDS BERBASIS SNORT UNTUK MENDETEKSI SERANGAN DOS PADA JARINGAN VIRTUAL MENGGUNAKAN SDN DENGAN FLOODLIGHT CONTROLLER. Undergraduate Thesis thesis, Institut Teknologi Telkom Purwokerto.

[img] Text
Cover.pdf

Download (12MB)
[img] Text
Abstract .pdf

Download (19kB)
[img] Text
Abstrak .pdf

Download (23kB)
[img] Text
BAB I.pdf

Download (104kB)
[img] Text
BAB II.pdf

Download (406kB)
[img] Text
BAB III.pdf

Download (314kB)
[img] Text
BAB IV .pdf
Restricted to Registered users only

Download (630kB)
[img] Text
BAB V.pdf

Download (20kB)
[img] Text
Daftar Pustaka .pdf

Download (113kB)

Abstract

Major changes have taken place in the world of communication networks as technology has advanced in recent decades. One significant advancement is the adoption of Software Defined Network (SDN), which provides a high degree of flexibility and control over network infrastructure. However, the increasing utilization of Software Defined Networks also opens up potential security risks, especially related to Denial of Service attacks. This research aims to address these challenges by simulating a Snort-based Intrusion Detection System (IDS) in SDN using Floodlight Controller. This research configures Host, IDS Snort, SDN Controller. The scenario in this study uses 10 scenarios with different numbers of packets and packet sizes. Furthermore, simulating Denial of Service (DoS) attacks using flood attacks, the parameters of this study include response time, where the response time here is how long it takes IDS to detect attacks, detection accuracy how accurately IDS detects attacks, and network overload how much memory, CPU, and bandwidth on hardware. The results showed that the response time of the Snort IDS system increased along with the intensity of the DoS attack launched, from 2.37 minutes in light attacks (100 packets, 64 bytes) to 11.40 minutes in heavy attacks (50000 packets, 32768 bytes). Despite this, Snort IDS managed to maintain a DoS attack detection accuracy of 100% in all test scenarios. In terms of network overload, memory usage increased from 54,86 MB to 77,27 MB, CPU usage increased from 28.75% to 50.53%, and bandwidth used increased from 6899.40 Kbps to 74258.45 Kbps. In conclusion, Snort IDS proved effective in detecting DoS attacks with very high accuracy and was able to handle the increasing intensity of attacks despite the increase in network resource usage.

Item Type: Thesis (Undergraduate Thesis)
Subjects: T Technology > T Technology (General)
Divisions: Faculty of Telecommunication and Electrical Engineering > Diploma of Telecommunication Technology
Depositing User: repository staff
Date Deposited: 29 Jul 2024 09:13
Last Modified: 29 Jul 2024 09:13
URI: http://repository.ittelkom-pwt.ac.id/id/eprint/10814

Actions (login required)

View Item View Item