Analisis Perbandingan Performansi Intrusion Detection and Prevention System (IDPS) OSSEC dan Snort Menggunakan Quality of Service (QoS)

Arifah, Ramadhan (2024) Analisis Perbandingan Performansi Intrusion Detection and Prevention System (IDPS) OSSEC dan Snort Menggunakan Quality of Service (QoS). Undergraduate Thesis thesis, Institut Teknologi Telkom Purwokerto.

[img] Text
Cover.pdf
Download (935kB)
[img] Text
Abstrak.pdf
Download (69kB)
[img] Text
Abstract.pdf
Download (69kB)
[img] Text
BAB I.pdf
Download (80kB)
[img] Text
BAB II.pdf
Download (330kB)
[img] Text
BAB III.pdf
Download (339kB)
[img] Text
BAB IV.pdf
Restricted to Registered users only
Download (800kB)
[img] Text
BAB V.pdf
Download (71kB)
[img] Text
Daftar Pustaka.pdf
Download (198kB)
[img] Text
Lampiran.pdf
Restricted to Registered users only
Download (665kB)

Abstract

A public network will be easily accessed by everyone from various countries, this is what makes this network vulnerable to attack. Even though every network already uses a firewall, it can be easily attacked by attackers. In solving this problem, a system that is stronger than a firewall is needed, namely the Intrusion Detection and Prevention System or better known as IDPS. Securing the system can be done by integrating OSSEC and Snort where this system will provide logs to record activities carried out by attackers. OSSEC will act like a firewall that can allow and block. While Snort will analyze all network traffic to intercept and look for several types of intrusions in a network. In this research, a Distributed Denial of Service (DDoS) attack is tested on a network server that has been installed with OSSEC and Snort. After testing the attack, network quality measurements will be made using Quality of Service (QoS) to determine the state of the network before the attack and after the attack. In the performance comparison between Snort and OSSEC in detecting attacks, for ICMP Flood attacks, Snort is superior in terms of throughput and Packet loss, while OSSEC is better in delay and jitter. In detecting TCP Flood attacks, Snort showed superior performance in throughput, delay, and Packet loss, while OSSEC excelled in jitter. For UDP Flood attacks, Snort is better in throughput and delay, while OSSEC has better performance in jitter and Packet loss. Keywords: Intrusion Detection and Prevention System, OSSEC, Snort, Quality of Service

Item Type: Thesis (Undergraduate Thesis)
Subjects: T Technology > T Technology (General)
Divisions: Faculty of Informatics > Informatics Engineering
Depositing User: repository staff
Date Deposited: 10 Sep 2024 03:58
Last Modified: 10 Sep 2024 03:58
URI: http://repository.ittelkom-pwt.ac.id/id/eprint/11239

Actions (login required)

View Item View Item
Repository IT Telkom Purwokerto is powered by EPrints 3 which is developed by the School of Electronics and Computer Science at the University of Southampton. More information and software credits.