Performance Analysis of a Network Intrusion Detection System (NIDS) Using the Signature-Based Method in Detecting UDP Flooding-Based Denial of Service (DoS) Attacks

Abstract

Cloud computing has become a technology trend used in many areas, especially by startups and large companies. It offers advantages such as the ease of creating one's own cloud services, cost-effective infrastructure, and the flexibility to increase or decrease service capacity as required. Apart from these advantages, security is one of the factors a company must consider. The use of antivirus software and a firewall does not guarantee that a cloud system is fully secure. In addition, the administrator's limited ability to monitor traffic and attacks across the whole cloud network is a constraint in cloud computing management. One solution for improving network security and for monitoring and overseeing attack traffic in cloud computing is a Network-based Intrusion Detection System (NIDS). A NIDS is a type of Intrusion Detection System (IDS) that can monitor attacks and traffic throughout the network. Signature based is one method a NIDS can use to identify each data packet going out of and coming into the network. In this research, the author tests the performance of a NIDS using the signature-based method in detecting UDP flooding-based DoS attacks. The research also analyzes the results and evaluates the performance of the NIDS on cloud computing, in order to determine how the NIDS performs once deployed and how accurately it classifies attacks.

Keywords: IDS, Network Intrusion Detection System, NIDS, Cloud Computing, Signature Based


    Last time updated on 12/07/2018