Keamanan Jaringan dengan Cowrie Honeypot dan Snort Inline-Mode sebagai Intrusion Prevention System
Network Security with Cowrie Honeypot and Snort Inline-Mode as Intrusion Prevention System
Abstract
Computer network systems have been designing to share resources. Sharing resources process, data security, and confidentiality are main issues in anticipating misuse of the access to information by unauthorized parties. The solution to anticipating these problems is the availability of a security system capable of handling various intruders who threaten the system and protect network resources. This study builds and analyzes the performance of computer network security using cowrie honeypot and snort inline-mode as an Intrusion Prevention System (IPS). The development process goes through the stages of analysis, design, implementation, and monitoring. The content analysis method has been using to explore the problems and requirements of the system built. The security system was build by configuring the IP address and network system devices (server, remote admin, client attacker). The test has been carrying out on 3 test parameters (confidentiality, availability, and integrity), comparison testing method has been using to test the integrity parameters. The test results indicate that the system functionality test for user needs have fulfilled, the results of the confidentiality test (83.3%), availability (93.3%), and the integrity of the inline-mode snort show faster response time (0.069 seconds on average) and more CPU resource usage efficient (0.04% average) than the cowrie honeypot. IPS snort inline-mode overall integrity parameter testing is more recommended for used network security systems than cowrie honeypots.
Downloads
References
Asosiasi Penyelenggara Jasa Internet Indonesia (APJII), 2020. Laporan Survei Internet APJII 2019-2020 (Q2). [Online] Tersedia di: https://apjii.or.id/survei
Qing W., and Hongju C. 2016. Computer Network Security and Defense Technology Research. In 2016 8th International Conference on Measuring Technology and Mechatronics Automation, ICMTMA. Macau, China 11-12 March 2016. IEEE. doi: 10.1109/ICMTMA.2016.47
Kacar, M. S., and Oztoprak, K. 2017. Network Security Scoring. In 11th International Conference on Semantic Computing, ICSC. San Diego, USA 30 Jan-1 Feb 2017. IEEE.
doi: 10.1109/ICSC.2017.86
Raji A., and Adam M. 2020. Enhancing Public Cloud Security by Developing a Model For User Authentication and Data Integrity Checking. In 7th International Conference on Computer Science and Information Technology (SCCSIT7)7. Khartoum, Sudan. doi: 10.1145/1234567891
Vishnevsky A., and Klyucharev P. 2017. A Survey of Game-Theoretic Approaches to Modeling Honeypots. In the VIII All-Russian Scientific and Technical Conference on Secure Information Technologies (BIT 2017), 2081 (4), pp.139-142. urn:nbn:de:0074-2081-4
Sagala A., 2015. Automatic SNORT IDS Rule Generation Based on Honeypot Log. In 7th International Conference on Information Technology and Electrical Engineering (ICITEE). Chiang Mai, Thailand 29-30 Oct 2015. IEEE. doi: 10.1109/ICITEED.2015.7409013
Pratama, R. F., Suwastika, N. A., and Nugroho, M. A. 2018. Design and Implementation Adaptive Intrusion Prevention System (IPS) for Attack Prevention in Software-Defined Network (SDN) Architecture. In 6th International Conference on Information and Communication Technology (ICoICT). Bandung, Indonesia 3-5 May 2018. IEEE. doi: 10.1109/ICoICT.2018.8528735
Cabral W.Z., Valli C., Sikos L.F., and Wakeling A.G. 2019. Review and Analysis of Cowrie Artefacts and Their Potential to be used Deceptively. In 2019 International Conference on Computational Science and Computational Intelligence (CSCI). Las Vegas, United States 5-7 December 2019. IEEE. doi: 10.1109/CSCI49370.2019.00035
Lakh Y., and Shymkiv R. 2019. Using Honeypot Programs for Providing Defense of Banking Network Infrastructure. In 2019 International Scientific-Practical Conference Problems of Infocommunications. Science and Technology. Kyiv, Ukraina 8-11 Oct 2019. IEEE. doi: 10.1109/PICST47496.2019.9061550
Kyriakou A., and Sklavos N. 2018. Container-Based Honeypot Deployment for the Analysis of Malicious Activity. In Global Information Infrastucture and Networking Symposium (GIIS). Thessaloniki, Greece 23-25 Oct 2018. IEEE. doi: 10.1109/GIIS.2018.8635778
Nugroho, OW. 2020. Implementasi Sistem Keamanan Jaringan Intrusion Prevention System (IPS) Menggunakan IPTables dengan Notifikasi berbasis Telegram pada SMK Siang Surabaya. Jurnal Manajeman Informatika, 11 (1) 99.1-16
Ma’sum M.S., Irwansyah M.A., and Priyanto H. 2017. Analisis Perbandingan Sistem Keamanan Jaringan Menggunakan Snrt dan Netfilter. Jurnal Sistem dan Teknologi Informasi (JUSTIN), 5 (1) pp.56-60
Rianafirin K., and Kurniawan M.T. 2017.Design Network Security Infrastructure Cabling Using Network Development Life Cycle Methodology and ISO/IEC 27000 Series in Yayasan Kesehatan (Yakes) Telkom Bandung. In 4th International Conference on Computer Applications and Information Processing Technology (CAIPT). Kuta Bali, Indonesia 8-10 Agustus 2017. IEEE. doi: 10.1109/CAIPT.2017.8320681
Sulistyanto I.H. 2015. Implementasi High Availability Server Dengan Teknik Failover Virtual Computer Cluster. Skripsi. Universitas Muhammadiyah Surakarta.
Cadet F., and Fokum D.T. 2016. Coping with denial-of-service attacks on the IP telephony system. In SoutheastCon 2016. Norfolk, VA, USA 30 March-3 April 2016. IEEE. doi: 10.1109/SECON.2016.7506691
Copyright (c) 2021 Jurnal RESTI (Rekayasa Sistem dan Teknologi Informasi)
This work is licensed under a Creative Commons Attribution 4.0 International License.
Copyright in each article belongs to the author
- The author acknowledges that the RESTI Journal (System Engineering and Information Technology) is the first publisher to publish with a license Creative Commons Attribution 4.0 International License.
- Authors can enter writing separately, arrange the non-exclusive distribution of manuscripts that have been published in this journal into other versions (eg sent to the author's institutional repository, publication in a book, etc.), by acknowledging that the manuscript has been published for the first time in the RESTI (Rekayasa Sistem dan Teknologi Informasi) journal ;