Perancangan dan Implementasi Instrusion Detection System di Jaringan Universitas Diponegoro
Abstract: The use of
information technology gives the advantage of open access for its users, but a
new problem arises that there is a threat from unauthorized users. Intrusion
Detection System (IDS) is applied to assist administrator to monitoring network
security. IDS displays illegal access information in a raw form which is
require more time to read the detected threats. This final project aims to
design an IDS with web application which is made for pulling information on IDS
sensor database, then processing and representing them in tables and graphs
that are easy to understand. The web application also has IpTables firewall
module to block attacker's IP address. The hardware used is Cisco IPS 4240, two
computers Compaq Presario 4010F as client and gateway, and Cisco Catalyst 2960
switch. The software used is Ubuntu 12.0 LTS Precise operating system,
BackTrack 5 R1 operating system, PHP 5.4 programming language, MySQL 5
database, and web-based system configuration tool Webmin. Testing is done using
several BackTrack applications with the aim of Cisco IPS 4240 is capable of
detecting accordance with the applicable rules. Each events of any attack
attempt or threat was obtained from IDS sensor database in XML form. XML file
is sent using Security Device Event Exchange (SDEE) protocol. The web
application is tested by looking at the output tables and graphs that displays
the appropriate results of sensor detection. This study generated an intrusion
detection system that is easier to monitor. Network packets copied by the Cisco
2960 switch and then forwarded to the sensor. Intruder detection is done by
Cisco IPS 4240 sensor. Log detection processed by the web application into
tables and graphs. Intrusion detection systems are intended to improve network
security.
Penulis: Dyakso Anindito
Nugroho, Adian Fatchur Rochim, Eko Didik Widianto
Kode Jurnal: jptkomputerdd150530