Hasil Pencarian  ::  Simpan CSV :: Kembali

"Salah satu isu yang sangat penting dalam dunia internet saat ini adalah serangan-serangan dalam dunia maya dengan motivasi keuangan dan perangkat lunak berbahaya yang memiliki kemampuan untuk melakukan serangan secara otomatis. Honeypot dan IDS bekerja sama untuk memberikan solusi keamanan jaringan yaitu sebagai intrusion detection yang dapat mengumpulkan data serangan. Pada penelitian ini, akan dibangun sistem keamanan jaringan menggunakan Honeynet multiple sensor yang berbasis open-source. Integrasi beberapa sensor Honeypot dan IDS dalam satu sistem disebut Honeynet. Honeypot dan IDS diimplementasikan pada suatu Host komputer dengan menggunakan MHN server sebagai web server, yang didalamnya dibangun sensor-sensor seperti Dionaea, Glastopf, Wortpot, p0f, Snort, dan Suricata. Berdasarkan pengujian yang telah dilakukan diperoleh total keseluruhan alert yang berhasil direkam oleh sistem yaitu skenario 1: 5453 alert, skenario 2: 3021 alert, dan skenario 3:7035 alert dengan total keseluruhan serangan yaitu 15509 alert. Dari total keseluruhan serangan dideteksi 35% serangan berasal dari IP 192.168.1.103, 20% serangan berasal dari IP 192.168.1.104 , dan 45% serangan berasal dari IP 192.168.1.105. Hasil pengujian ini menunjukkan bahwa sistem telah berhasil menjebak, memonitoring, dan mendeteteksi serangan. Pengimplementasian sistem Honeynet ini bertujuan agar kekurangan dari suatu sensor seperti halnya hanya dapat mendeteksi serangan terhadap port dan protocol tertentu dapat diatasi oleh sensor yang lain. Sehingga apapun bentuk serangan yang ada dapat dideteksi. Penggunaan Honeynet multiple sensor berbasis open-source dapat menjadi langkah awal yang baik untuk mitigasi resiko dan sebagai peringatan awal adanya serangan cyber.

---

Recently, some of the important issues in the internet things are the attacks in a network with profit motivation and malicious software which has the ability to do the attack automatically. Honeypot and IDS are working together to give the solution for network security and act as the instrusion detection which has the ability to collect the attack's log.

This research will build network security system using multiple sensor Honeynet based on open-source. The integration of Honeypot's sensors and IDS in one system is called Honeynet. Honeypot and IDS are implemented in a computer host using MHN server as the web server, that contains various of sensors such as Dionaea, Glastopf, Wortpot, p0f, Snort, and Suricata.

Based on the research that has been done, it showed total of alerts that is successfully recorded by system are for the first scenario, there are 5453 alerts, second scenario is 3021 alerts, and the third scenario is 7035 alerts with total of alerts are 15509. From the total attacks, it is detected that 35% of the attacks are from IP address 192.168.1.103, 20% are from IP 192.168.1.104, and the 45% are from IP 192.168.1.105.

This testing result showed that the system successfully monitores and detected the attacks. The purpose of this implementation of Honeynet system is that one sensor can be able to handle another sensor's lack of ability, such as that can only detect the attack to the particular port and protocol. So, it can detect all various of attack. The application of Honeypot multiple sensors based on open-source could be the first step for the risk mitigation and acts as the first alert for the possibility of attack."

"Berdasarkan Lanskap Keamanan Siber Indonesia 2022, BSSN melaporkan terdapat 4.421.992 aktivitas APT dan 2.348 kasus defacement web di Indonesia pada tahun itu. Serangan yang ditujukan pada aplikasi web berfokus pada kelemahan aplikasi, yang disebut kelemahan atau celah keamanan. Akibatnya, penting untuk melakukan analisis dan evaluasi domain website organisasi riset tersebut. Metode yang digunakan adalah analisa deskriptif, yaitu data yang diperoleh disajikan dalam bentuk kalimat yang dideskripsikan. Sehingga memberikan kejelasan dari hasil analisis yang dilakukan. Indeks Keamanan Informasi (KAMI) sebagai alat untuk menilai kesiapan implementasi keamanan data. Serangkaian pertanyaan yang berkaitan dengan berbagai aspek digunakan untuk melakukan evaluasi. Kemudian OWASP ZAP sebagai tools vulnerability scanning, digunakan untuk mengidentifikasi tingkat kemungkinan kerentanan pada aplikasi berbasis web. Pada penelitian ini melakukan analisis dan evaluasi terhadap domain dan subdomain xyz.go.id yang terdapat di organisasi riset. Langkah pertama pengumpulan data target, selanjutnya dilakukan pengukuran dan pengujian tools dengan menggunakan Indeks KAMI pada kategori Sistem Eletronik. Langkah berikutnya dengan aplikasi OWASP ZAP digunakan untuk pengujian vulnerability scanning pada domain target. Data hasil DNSDumpster digunakan, dimana beberapa domain website xyz.go.id dijadikan sasaran penelitian untuk vulnerability scanning. Hasil penilaian Indeks KAMI menunjukkan bahwa 4 subdomain dianggap tergolong tinggi. Kemudian berdasarkan pengujian vulnerability scanning terhadap domain website xyz.go.id memiliki kerentanan dengan kategori low terdapat 15 peringatan, medium terdapat 32 peringatan, high terdapat 4 peringatan dan informational terdapat 20 peringatan. Dari hasil pengujian dapat dibuktikan pendeteksian dengan vulnerability scanning pada OWASP ZAP sangat efektif, meskipun ini tool open source sehingga tidak perlu menggunakan tool berbayar.

---

Based on the Indonesian Cybersecurity Landscape 2022, BSSN reported 4,421,992 APT activities and 2,348 web defacement cases in Indonesia that year. Attacks aimed at web applications focus on application weaknesses, called security flaws or gaps. As a result, it is important to conduct an analysis and evaluation of the research organization's website domain. The method used is descriptive analysis, in which the data obtained is presented in the form of sentences that are described. Information Security Index (KAMI Index) as a tool to assess the readiness of data security implementation A series of questions relating to various aspects are used to conduct the evaluation. Then OWASP ZAP as a vulnerability scanning tool, was used to identify the level of possible vulnerabilities in web-based applications. In this study, the analysis and evaluation of xyz.go.id domains and subdomains found in research organizations. The first step is collecting target data, then measuring and testing tools using the KAMI Index in the Electronic Systems category. The next step with the OWASP ZAP application is vulnerability scanning testing on the target domain. DNSDumpster result data is used, and several xyz.go.id website domains are used as research material for vulnerability scanning. The results of the KAMI Index assessment show that 4 subdomains are considered high. Then based on vulnerability scanning testing of the xyz.go.id website domain, it has a vulnerability with a low category of 15 warnings, a medium category of 32 warnings, a high category of 4 warnings, and an informational category of 20 warnings. From the test results, it can be proven that detection with vulnerability scanning on OWASP ZAP is very effective, even though this is an open source tool, so there is no need to use paid tools.

"

"Presents state-of-the-art research and practice in intelligence work. Describes novel tools and techniques for counterterrorism and open source intelligence. Provides perspectives on the future uses of open source intelligence. Since the 9/11 terrorist attacks in the United States, serious concerns were raised on domestic and international security issues. Consequently, there has been considerable interest recently in technological strategies and resources to counter acts of terrorism. In this context, this book provides a state-of-the-art survey of the most recent advances in the field of counterterrorism and open source intelligence, demonstrating how various existing as well as novel tools and techniques can be applied in combating covert terrorist networks. A particular focus will be on future challenges of open source intelligence and perspectives on how to effectively operate in order to prevent terrorist activities."

"Internet adalah hal yang sangat umum saat ini. Untuk memenuhi kebutuhan akses internet, banyak rumah maupun kantor yang memilih untuk menggunakan jaringan nirkabel karena fleksibilitasnya yang lebih baik dibandingkan dengan jaringan berkabel. Namun pada setiap jaringan selalu ada ancaman serangan yang dapat mengganggu konektivitas, hingga membahayakan perangkat dan data pengguna. Salah satu cara yang dapat digunakan untuk mendeteksi adanya serangan-serangan seperti ini adalah dengan menggunakan Intrusion Detection System (IDS) yang dapat memantau lalu lintas jaringan dan mendeteksi adanya aktivitas mencurigakan/berbahaya pada jaringan.Pada penelitian ini, dilakukan pengembangan sistem IDS portable dengan menggunakan Raspberry Pi, sebagai solusi IDS yang terjangkau dan efektif untuk jaringan kecil dan menengah. Kemudian dilakukan perbandingan antara 2 jenis open source IDS, yaitu Snort dan Suricata. Hasil dari 2 skenario pengujian menunjukkan bahwa pada skenario 1, Snort berhasil mendeteksi 18 dari 20 serangan, dengan persentase penggunaan RAM 11.86% dan CPU 10.16%, serta waktu deteksi 203.92 detik. Sedangkan Suricata berhasil mendeteksi seluruh serangan, dengan persentase penggunaan RAM 8.44% dan CPU 13.07%, serta waktu deteksi 178.79 detik. Sementara itu, pada skenario 2, Snort berhasil mendeteksi seluruh serangan, dengan persentase penggunaan RAM 12.18% dan CPU 8.64%, serta waktu deteksi 72.6 detik. Sedangkan Suricata berhasil mendeteksi seluruh serangan, dengan persentase penggunaan RAM 7.96% dan CPU 13.5%, serta waktu deteksi 45.33 detik.

---

Internet is a very common thing nowadays. To fulfill the need of internet access, most of households and offices choose to use wireless network rather than wired network due to its better flexibility. However, regardless of the kind of network, there is always a threat of attacks which could disrupt the connectivity, and even harm the device or user’s data. One way to detect an attack to a network is by using Intrusion Detection System (IDS) to monitor the network traffic and to detect abnormal and dangerous activities.

---

This study is about a development of a portable IDS using Raspberry Pi, and two open source IDSs, Snort and Suricata, as a cost-efficient and effective portable IDS for small and medium network. The results of 2 test scenarios show that in scenario 1, Snort managed to detect 18 out of 20 attacks, with 11.86% RAM usage, 10.16% CPU usage, and detection time of 203.92 seconds. While Suricata managed to detect all the attacks, with 8.44% RAM usage and 13.07% CPU usage, and detection time of 178.79 seconds. Meanwhile, in scenario 2, Snort managed to detect all the attacks, with 12.18% RAM usage, 8.64% CPU usage, and detection time of 72.6 seconds. While Suricata managed to detect all attacks, with 7.96% RAM usage 13.5% CPU usage, and detection time of 45.33 seconds."

"This book constitutes the refereed post-conference proceedings of the IFIP WG 11.4 International Workshop, iNetSec 2010, held in Sofia, Bulgaria, in March 2010. The 14 revised full papers presented together with an invited talk were carefully reviewed and selected during two rounds of refereeing. The papers are organized in topical sections on scheduling, adversaries, protecting resources, secure processes, and security for clouds."