Rancang Bangun Sistem Pengiriman Alert Instrusion Detection System Suricata Melalui Telegram

Zaki Akhyar

Abstrak


Abstrak— Instrusion detection system (IDS) Suricata merupakan sebuah aplikasi berbasis open source yang dapat mendeteksi aktivitas yang mencurigakan dalam sebuah jaringan komputer. IDS Suricata memantau lalu lintas (trafic) yang melewatinya dan mengeluarkan peringatan (alert) jika ada paket yang mencurigakan. Alert tersebut dikirimkan kedalam log file. Salah satu log file untuk menampung alert (output) suricata adalah unified2. Informasi pada unified2 akan dikirimkan kedalam database snorby melalui barnyard2. Pada penelitian ini digunakan intrusion detection system suricata untuk mendeteksi serangan pada jaringan. Kemudian hasil deteksi (output) suricata  tersebut akan dikirimkan ke handphone administrator melalui pesan instan telegram. Informasi yang dikirimkan terdiri dari, waktu serangan, ip sumber, ip tujuan, dan nama serangan. Dengan demikian Administrator akan mendapatkan informasi secara realtime tentang serangan yang terjadi pada jaringan. Dari hasil penelitian diperoleh bahwa sistem telah berhasil mengirimkan notifikasi/pesan secara realtime ke handphone administrator apabila ada serangan yang terdeteksi oleh suricata.

Kata kunci— IDS, Pengiriman Alert, Suricata, Suricata Alert, Telegram.

 

Abstract— Instrusion detection system (IDS) Suricata is an open source based application that can detect suspicious activity in a computer network. IDS Suricata monitors the traffic (traffic) that passes through it and issues an alert when a suspicious package exists. The alerts are sent to the log file. One log file to accommodate alert (output) suricata is unified2. Information on unified2 will be sent to the snorby database via barnyard2. In this study used intricular detection system suricata to detect attacks on the network. Then the results of detection (output) suricata will be sent to the mobile administrator via instant message telegram. The information transmitted consists of, timing of attack, source ip, destination ip, and name of attack. Thus the administrator will get information in realtime about the attacks that occur on the network. From the results of the study obtained that the system has managed to send notifications/messages in realtime to the mobile administrator if there is an attack detected by suricata.

Keywords— Alert Delivery, IDS, Suricata, Suricata Alert, Telegram.


Teks Lengkap:

PDF

Referensi


Shaik Akbar, Dr.K.Nageswara Rao, Dr.J.A.Chandula “Intrusion Detection System Methodologies Based on Data Analysis”, international Journal of Computer Application(0975-8887) Volume 5-no.2, August 2010.

Balaji Darapareddy and Vijayadeep Gummadi, “An Advanced Honeypot System for Efficient Capture and Analysis of Network Attack Traffic”, International Journal of Engineering Trends and Technology- vol. 3, no. 5, pp.616-621, 2012.

Sofyan Hadi, Periyadi,ST., M.T., Anang Sularsa, S.T., M.T. “Implementasi Network Intrusion Detection System pada Sistem Smart Identification”, e-Proceeding of Applied Science – vol.2, No.3 December 2016.

Park Wohyung, Ahn Seongjin., “Performance Comparison and Detection Analysis in Snort and Suricata Environment”, International Journal Wireless Pers Common DOI 10.1007/s11277-016-3209-9, Springer Science, New York 2016

OISF, “Suricata User Guide Release 4.0.0-dev”, Suricata, July 18,2018

Day, D.J. and B.M. Burns. A performance analysis of snort and suricata network intrusion detection and prevention engines. in The Fifth International Conference on Digital Society. 2011.

Wibowo, R.A., “Analisis dan Implementasi IDS Menggunakan Snort pada Cloud Server di Jogja Digital Valley”, Naskah Publikasi, Jurusan Teknik Informatika SMIK AMIKOM Yogyakarta, Yogyakarta, 2014.

Forensic Wiki. “Barnyard2”, Forensicwiki.org, 2013. https://www.forensicswiki.org/wiki/Barnyard2 (Di akses terakhir : 6 Juni 2018,12.45).

Shivangi Shandilya, “Shell Scripting And Shell Programming In Unix”, International Journal Of Innovative Research In Technology (IJIRT 101640), 2014.

Moch Fajar, “Pengantar Pemrograman Bash Shell di Linux”. Linux.or.id 2002. http://pemula.linux.or.id/programming/bash-shell.html (Di akses terakhir : 29 Agustus 2018, 21.53).

Bernaeth, Nicolas., “Debian - Send your Server Notifications thru Telegram”, Dyndns.org. http://bernaerts.dyndns.org/linux/75-debian/351-debian-send-telegram-notification (Di akses terakhir : 26 Okt 2017, 6:51).

Hadil Deekshith., “Get Server Notification on Telegram App”, Assistanz.com. https://www.assistanz.com/get-server-notification-telegram-app/ (Di akses terakhir : 27 Agustus 2018, 22:30).


Refbacks

  • Saat ini tidak ada refbacks.


Hak Cipta (c) 2019 Prosiding Seminar Nasional Politeknik Negeri Lhkseumawe



Creative Commons License

Prosiding Seminar Nasional Politeknik Negeri Lhokseumawe is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License

© 2017 All rights reserved |Seminar nasional Politeknik Negeri Lhokseumawe p-ISSN:2598-3954.

.