Akbar, Salman (2016) Analisis Performansi Intrusion Detection System, Firewall, Honeypot Dan Load Balancer Dalam Rangka Mitigasi Serangan DOS Dan DDOS Pada LPSE Kab. Luwu Timur - Performance Analysis Of Intrusion Detection System, Firewall, Honeypot And Load Balancer To Mitigate DOS And DDOS Attack On The LPSE Of Luwu Timur Regency. Masters thesis, Institut Teknologi Sepuluh Nopember.
Preview |
Text
2214206711-Master thesis.pdf - Published Version Download (2MB) | Preview |
Abstract
Internet dewasa ini telah menjadi hal yang penting bagi masyarakat, Internet telah mengubah cara berkomunikasi dan model bisnis, Layanan Pengadaan Secara Elektronik pemerintah yang biasa disebut (LPSE) telah menjadi bagian yang sangat penting bagi instansi pemerintahan pusat dan daerah. LPSE bagi Pemerintah Daerah dapat disebut sebagai salah satu aset yang sangat penting dalam proses pembangunan daerah. Sebagai salah satu aset penting, LPSE harus dilindungi untuk menjamin kelangsungan layanan dan untuk meminimalkan risiko gangguan layanan. Semakin canggih teknologi dan sistem informasi maka ancamannya pun akan menjadi lebih canggih. Serangan DDoS adalah salah satu ancaman yang paling banyak mengancam layanan pengadaan pemerintah. Berdasarkan Laporan Indonesia Security Incident Response Team on Internet and Infrastructure/Coordination Center (ID-SIRTII/CC) Tahun 2014, pada infrastruktur internet di Indonesia terdapat 40.446 Total Serangan DoS Januari sampai dengan pertengahan Desember 2014. Dalam penelitian ini, penulis mengevaluasi dampak dari serangan DDoS pada infrastruktur jaringan exisiting LPSE Kab. Luwu Timur, juga mengevaluasi mekanisme pertahanan pada jaringan existing seperti firewall, router dan web server. Penulis juga membandingkan implementasi Intrusion Detection System, Firewall Server Based, Honeypot Server dan Load Balancer dalam jaringan untuk memitigasi serangan DoS dan DDoS. Selama serangan UDP Flood berlangsung pada infrastruktur jaringan Existing hasil penelitian menunjukkan penggunaan CPU Firewall mencapai 100% dan pada 500 request ke web server LPSE hanya 30 request yang dapat diproses. Dibandingkan dengan topologi jaringan yang menggunakan IDS, Firewall Server Based dan Honeypot yang menunjukkan bahwa pada 500 request yang ditujukan ke web Server LPSE terdapat 499 request yang dapat direspon dan penggunaan CPU firewall hanya mencapai 15,79 %. Selanjutnya pada topologi jaringan yang menggunakan IDS, Firewall dan Load Balancer, penggunaan CPU firewall hanya 15,70 % namun pada 500 request yang ditujukan ke web Server LPSE hanya terdapat 41 request yang dapat direspon.
========================================================================================================================
The Internet nowadays has become important to current society, it has changed the way of communication and business models, The Electronic Procurement Services to government agencies which is called Layanan Pengadaan Secara Elektronik (LPSE) has become a very important part for central and local government agencies. LPSE for an agency can be termed as one of the most important assets in the process of regional development. As one of the important assets, LPSE must be protected to ensure continuity of services as well as to minimize the risk of service interruption. With the increase of sophisticated information systems and technology, the threat will also become more sophisticated. DDoS attack are one of the most threat to the government procurement services. Based on the Report of Indonesia Security Incident Response Team on Internet and Infrastructure/ Coordination Center (ID-SIRTII / CC) In 2014, there were 40.446 Total DoS attacks at the Indonesian Internet infrastructure from January to mid December 2014. In this research, author evaluated the impact of DDoS attacks on the existing network infrastructure of government procurement service and also evaluates the existing network defense mechanisms such firewall, router and web server. Author also compared the implementation of Intrusion Detection system, firewall server based, honeypot and load balancer in the network to mitigate DoS and DDoS Attack. During UDP Flood the results showed that on the existing network infrastructure, CPU usage of integrated firewall reaching 100 % and at 500 requests to the LPSE web server, there were only 30 requests that could be processed. Comparing to network topology using IDS, Firewall Server Based and Honeypot, showed only 15,79 % of CPU usage of Firewall and at 500 requests to the LPSE web server, there were 499 requests that could be responded. Furthermore, the network topology using IDS, Firewall Server Based and Load Balancer showed only 15,70 % CPU usage of Firewall but at 500 request to LPSE web server there were only 41 requests that could be processed .
| Item Type: | Thesis (Masters) |
|---|---|
| Additional Information: | RTE 621.387 8 Akb a |
| Uncontrolled Keywords: | DDoS, LPSE, IDS, Firewall, Honeypot, Load Balancer, DDoS, LPSE, IDS, Firewall, Honeypot, Load Balancer. |
| Subjects: | T Technology > TK Electrical engineering. Electronics Nuclear engineering > TK5101 Telecommunication |
| Divisions: | Faculty of Industrial Technology > Electrical Engineering |
| Depositing User: | ansi aflacha |
| Date Deposited: | 17 Dec 2019 03:27 |
| Last Modified: | 17 Dec 2019 03:27 |
| URI: | http://repository.its.ac.id/id/eprint/72391 |
Actions (login required)
 |
View Item |