Implementation and Analysis of Network Security in Raspberry Pi against DOS Attack with HIPS Snort

Alfarizi Wiranata, N. Karna, A. Irawan, Ian Agung Prakoso
Published in: 2023 International Conference on Computer Science, Information Technology and Engineering (ICCoSITE)
Publication date: 2023-02-16
DOI: 10.1109/ICCoSITE57641.2023.10127741 (https://doi.org/10.1109/ICCoSITE57641.2023.10127741)
Citations: 0

Abstract

Cyber-attacks are an inevitable risk for any business in the internet era. They can originate from both internal employees and external sources. A cyber-attack can put the office network in danger and disturb the workflow. This can be prevented with Host Intrusion Prevention System (HIPS) Snort, which secures the network through a "smart security in a box" system that uses a Raspberry Pi as the firewall to protect user devices against Denial of Service (DoS) attacks. The Raspberry Pi is configured as the firewall, with HIPS Snort installed as the defence system that protects the user's work devices. This smart security in a box is installed in front of the user's devices, before they connect to the office network. It detects misuse in the network by inspecting all data packets, and drops those suspected of being part of a DoS attack. Snort is tested against DoS attacks using SYN Flood and UDP Flood. With Snort running, the rate of successful client connections averages only 48.60% under SYN Flood and 46.31% under UDP Flood. With Snort running, HIPS Snort drops on average 41.48% of SYN Flood attack packets and 28.27% of UDP Flood attack packets. CPU and memory usage are higher when Snort is running. The DoS SYN Flood attack consumes more CPU and memory on the Raspberry Pi, averaging 83.60% and 76.75% respectively, when Snort is running.