Analisis Secure-AODV pada Vehicular Ad-hoc Network (VANET) Terhadap Serangan Denial of Service (DoS)

ABSTRAKSI: Pada dasarnya, Vehicular Ad - Hoc Network (VANET) merupakan jaringan yang tidak aman, terutama karena perilaku broadcast pada media wireless sesuai dengan kebutuhan pembentukan arsitektur infrastruktur. Hal ini dapat menjadi peluang bagi malicious node dalam melakukan sera ngan terhadap routing protocol . Serangan ini tidak hanya menggangu proses pencarian rute, tetapi juga dapat mengganggu atau bahkan melumpuhkan kinerja routing protocol . Dengan begitu, solusi keamanan dibutuhkan dalam perkembangan routing protocol , untuk me lidungi komunikasi antar node - node yang membangun jaringan VANET dari serangan malicious node. Reactive routing protocol SAODV, digunakan untuk menjawab kerentanan terhadap serangan pada VANET. Integrity dan authentication merupakan tujuan kemanan yang diimplementasikan dalam routing protocol SAODV. Dengan menggunakan model kunci asimetris dalam kriptografi, SAODV melakukan pengamanan dengan menggunakan mekanisme hash dan digital signature . Routing protocol ini akan disimul asikan dalam kondisi jaringan VANET dengan kondisi tanpa serangan dan dengan serangan RREQ disruption dan blackhole . Kondisi tersebut akan disertakan dalam skenario dengan perubahan jumlah node sebanyak 10,16 dan 20, serta perubahan kecepatan node 15m/s, 2 0m/s dan 25m/s , yang disimulasikan dengan network simulator 2 (NS2) . Dengan begitu akan tampak dengan jelas dampak dari serangan malicious node terhadap kinerja routing protocol SAODV. Evaluasi kinerja dari routing protocol SAODV tersebut ditinjau dari parameter : packet delivery ratio, pack et loss ratio, routing overhead, normalized routing load dan convergence time . Packet delivery ratio dan packet loss ratio mengindikasikan dampak serangan terhadap pengiriman paket dari node sum ber ke node tujuan. Sedangkan, convergence time, routing overhead dan normalized routing load mengindikasikan kinerja routing protocol SAODV yang menggunakan jumlah paket routing yang lebih kecil dari paket yang dikirimkan dalam proses komunikasi meskipun ditambahkan mekanisme keamanan pada SAODV . Kata Kunci : VANET, reactive routing protocol , SAODV , integrity , authentication , packet delivery ratio , packet loss ratio , routing overhead , normalized routing load , convergence time dan NS 2ABSTRACT: Vehicular Ad - Hoc Network (VANET) is inherently insecure, primarily due to the broadcast nature of the wireless medium as well as the need for an infrastructureless architecture. This can be an opportunity for malicious nodes to attack against the routing protocol. The attacks can not only disrupt the normal routing process but also adversely affect the protocol network performance or even disable it . So, security solutions are needed in the development of a routing protocol, to protect the communication be tween the nodes which build the VANET network from malicious nodes attacks. Reactive routing protocol SAODV, are used to address vulnerability from attacks on VANET. Integrity and authentication are security goals are implemented in the SAODV routing prot ocol. By using a model of asymmetric key cryptography, SAODV do security by using hash and digital signature mechanisms. This routing protocol will be simulated in VANET network and with or without RREQ disruption and blackhole attacks. These conditions wi ll be included in the scenario with the change in the number of nodes as much as 10, 16 and 20, as well as change the nodes speed of 15m/s, 20m/s and 25m/s , which simulated by network simulator 2 (NS2) . That would seem the obvious impact of the attacks fro m malicious nodes on the performance of routing protocol SAODV. Performance evualuation of routing protocol SAODV is in terms of parameters : packet delivery ratio, packet loss ratio, convergence time, routing overhead dan normalized routing load. Packet delivery ratio and packet loss ratio indicates the impact of attacks against packet delivery from the source node to the destination node. Meanwhile, convergence time, routing overhead and normalized routing load indicates performance of SAODV routing prot ocol which uses reasonable amount of routing packets in the communication process, though SAODV uses security mechanisms. Keyword: VANET, reactive routing protocol, SAODV, integrity, authentication, packet delivery ratio, packet loss ratio, convergence time, routing overhead, normalized routing load, and NS 2

Denial of Service in Voice Over IP Networks

In this paper we investigate denial of service (DoS) vulnerabilities in Voice over IP (VoIP) systems, focusing on the ITU-T H.323 family of protocols. We provide a simple characterisation of DoS attacks that allows us to readily identify DoS issues in H.323 protocols. We also discuss network layer DoS vulnerabilities that affect VoIP systems. A number of improvements and further research directions are proposed

Pendeteksian Serangan Denial of Service (DoS) pada Perangkat Smartlock Berbasis Wifi Menggunakan SNORT

Serangan DoS menimbulkan ancaman kerugian yang serius,saat ini serangan DoS terus berkembang sehingga membuat suatu jaringan atau resource tidak dapat berfungsi sebagaimana mestinya. Serangan DoS pada broker perangkat Smartlock berbasis wifi ini dapat membuat perangkat tidak memberikan respon pada saat akan digunakan. Broker sangat berperan penting dalam berlangsungnya komunikasi antara user dan perangkat Smartlock itu sendiri.Oleh karena itu,langkah-langkah tepat harus diambil untuk memastikan keamanan dan kelancaran komunikasi perangkat. Dalam tugas akhir ini, diusulkan solusi untuk digunakan dalam menyaring serangan DoS pada perangkat Smartlock menggunakan SNORT IDS. Teknik yang diusulkan menggunakan SNORT dengan sejumlah rules yang dibuat. Penulis mengevaluasi solusi yang diusulkan dengan membandingkan tingkat presisi rules yang dibuat. Hasil pengujian menunjukkan bahwa rule terbaik didapatkan dengan nilai presisi 0.8

Self-triggered Coordination over a Shared Network under Denial-of-Service

The issue of security has become ever more prevalent in the analysis and design of cyber-physical systems. In this paper, we analyze a consensus network in the presence of Denial-of-Service (DoS) attacks, namely attacks that prevent communication among the network agents. By introducing a notion of Persistency-of-Communication (PoC), we provide a characterization of DoS frequency and duration such that consensus is not destroyed. An example is given to substantiate the analysis

Resilient Control under Denial-of-Service

We investigate resilient control strategies for linear systems under Denial-of-Service (DoS) attacks. By DoS attacks we mean interruptions of communication on measurement (sensor-to-controller) and/or control (controller-to-actuator) channels carried out by an intelligent adversary. We characterize the duration of these interruptions under which stability of the closed-loop system is preserved. The resilient nature of the control descends from its ability to adapt the sampling rate to the occurrence of the DoS.Comment: 10 pages, abridged version submitte

Deteksi Serangan Denial of Service (DOS) menggunakan Algoritma Probabilistic Neural Network (PNN)

Salah satu masalah keamanan dalam jaringan komputer adalah serangan Denial of Service (DoS). Serangan DoS mengakibatkan pengguna dari akses layanan normal tidak dapat mengakses jaringan komputer dikarenakan penyerang mengonsumsi sumber daya yang berlebihan. Hal tersebut terjadi karena deteksi serangan DoS yang masih belum optimal. Untuk menyelesaikan masalah diatas, diusulkan membangun Intrusion Detection System (IDS) dengan metode anomaly-detection yang menggunakan algoritma machine learning yaitu Probabilistic Neural Network (PNN) untuk mendeteksi serangan DoS secara optimal. Pada penelitian ini, implementasi PNN dalam mendeteksi serangan DoS menggunakan NSL-KDD dataset dengan 13 fitur pilihan dan menghasilkan nilai akurasi tertinggi daripada algorima lain yaitu sebesar 98,06%. Kata kunci : Keamanan Jaringan Komputer, Probabilistic Neural Network (PNN), Denial of Service (DoS)

The Computer Misuse Act 1990: lessons from its past and predictions for its future

The age of the internet has thrown down some real challenges to the Computer Misuse Act 1990. Recently, the Government made changes to this piece of legislation, in an attempt to meet two of those challenges--the proliferation of “ Denial of Service” (DoS) attacks, and the creation and dissemination of “ Hackers' tools” --and to fulfil international commitments on cybercrime. Yet some of these new measures invite criticisms of policy, form and content, and bring doubts about how easy to interpret, and how enforceable, they will be

Analisis Perbandingan Dampak Serangan Denial of Service (DoS) Terhadpa LAN IPv4 dan LAN IPv6

ABSTRAKSI: Sebagai salah satu jenis serangan terhadap sistem komputer, Denial of service senantiasa berkembang dalam berbagai bentuk. Perbedaan utama dengan jenis serangan lain adalah bahwa vulnerability yang diincar bukan data yang dikirimkan, melainkan sistem yang mengirim dan menerima data. Pada penelitian ini Denial of service akan diujicobakan terhadap LAN sederhana terdiri dari 3 kompuiter dengan sistem operasi Windows yang mendukung dua protokol masing-masing IPv4 dan IPv6. Dimana IPv4 merupakan model pengalamatan yang umum dipakai sampai saat ini dan IPv6 merupakan model pengalamatan terbaru yang diproyeksikan menggantikan IPv4 di masa mendatang. Parameter yang digunakan diutamakan dari sisi user yakni response time, transfer time, dan throughput. Serangan dan pengukuran parameter dilakukan secara terpisah untuk pengalamatan IPv4 dan IPv6.Dari hasil percobaan dapat diketahui bahwa umumnya serangan Denial of service yang diujicobakan memberikan dampak yang negative bagi layanan pada LAN tersebut namun tidak terlalu besar karena LAN yang memang hanya memiliki sedikit komputer. Kemudian dari analisis perbandingan untuk dua pengalamatan yang dipakai, LAN dengan IPv6 sedikit lebih baik secara partial daripada LAN IPv4, tetapi ada juga layanan yang boleh dikatakan tidak ada perbedaan bila menggunakan IPv4 maupun IPv6 bila dilihat dari sisi user. Oleh karena itu, hasil penelitian ini belum dapat memberikan pertimbangan yang spesifik dalam memutuskan pembangunan LAN dengan pengalamatan tertentu, tetapi diharapkan cukup sebagai sebuah referensi yang baik ke depannya.Kata Kunci : Denial of service (DoS), Local Area Network, dual stack, Windows, IPv4, IPv6, response time, transfer time, throughputABSTRACT: As one of the network threats, Denial of service always spread into one and many variations. The main differentiation between Denial of service and other threats is the vulnerability that Denial of service try to attack is the sistem in which the data are transferred, not the particular data. In this research, Denial of service will be tried to observe by done it on a simple Local Area Network consists of three computers use Windows operating system that supports both IPv4 and IPv6 protocols. IPv4 is the current network addressing model that many systems use nowadays and IPv6 is the other network addressing model that is predicted to replace IPv4 in the near future. Paramaters which are used in this research are relatively make sense for user consist of response time, transfer time, jitter, and throughput. The attack experiment and process of determining parameters above will be separated into both network addressing models, IPv4 and IPv6.From the experiment, it could be known that the impacts on the services given by Denial of service is certainly negative but they are relatively not too big as the Local Area Network here only consist of a small number of computers. Then from the comparition analysis between these two addressing models, we can gain that IPv6 network is a little bit better for some particular services than IPv4 network, but in the other hand some services do not show any respectable differences for user between these two ones. So the results from this research should not be used particularly for a network development and to decide which addressing model might be used, as there area many aspects should be noticed in this case. But at least this experiment could be used as an useful reference.Keyword: Denial of service (DoS), Local Area Network, dual stack, Windows, IPv4, IPv6, response time, transfer time, throughpu

Sistem Keamanan Server Linux CentOS Dengan Metode Port Knock dan RST Cookies

The increase in online-based services makes a security system for server computers increasingly needed. A server computer is a device that must always be available to be accessed anytime and anywhere. Some of the security systems needed for server computers include security for ssh port access for remote server access needs and a security system to protect servers from Denial of Service (DoS) attacks which can make the server down and completely inaccessible. In this study, a security system is proposed for a server computer with the Linux CentOS operating system on a port 22 secure shell(ssh) access system using the port knock method and a security system to prevent Denial of Service (DoS) attacks on server computers using the RST Cookies method. The simulation results from the port 22 Secure Shell (SSH) access experiment for the server computer can work well where port 22 Secure Shell(SSH) will remain closed and cannot be accessed carelessly except by accessing several ports first according to predefined port knocking rules. Likewise, the implementation of a security system with the RST Cookies method works very well to prevent Denial of Service (DoS) attacks and can still keep the server accessible with a good response time of under 1 m