Implementation of Intrusion Prevention System (IPS) as a Website-Based Server Security System and Mobile Application

Rayco William, Ikhwan Ruslianto, Uray Ristian
Journal: CESS Journal of Computer Engineering System and Science (journal article)
Publication date: 2023-01-21
DOI: 10.24114/cess.v8i1.40258 (https://doi.org/10.24114/cess.v8i1.40258)
Citations: 0

Abstract

A server is the center for providing services and storing data in a computer network. It is managed by a server administrator, whose duty is to monitor server security. In carrying out that duty, there are deficiencies in detecting attacks, in how slowly information about attacks arrives, and in how attacks on the server are handled. In this research, a server security system was created by implementing an Intrusion Prevention System (IPS) based on a website and mobile applications. Attack detection focuses on ICMP and TCP port attacks, and the latency with which the system responds to an attack is 99.89 ms (very good). Attack handling was successfully carried out using Iptables against the attacker IPs detected by the Suricata system; through the website and mobile applications, each detected IP is given an action, which is one of Drop, Reject or Accept. Administrators can quickly take the necessary precautions after receiving an automatic notification via Telegram when the server is under attack, with an average speed of 3.41 seconds. The ping, port scanning and ping of death (DoS) attacks increased the performance load on the local server. From initial CPU performance of 10-19%, a ping attack raised CPU to 21.6%, memory 41.7%, and disk 19.6%. Port scanning increased CPU by 85.9%, memory 41.9%, and disk 20.3%. Ping of death increased CPU 90.4%, memory 42.9%, and disk 20.8%. Based on the tests that have been done, an excessive increase is found in the ping of death attack, which results in server performance increasing to 90.4%; if the attack continues for a long time, the server will hang (damaged).