Analisis Keamanan Website Terhadap Serangan DDOS Menggunakan Metode National Institute of Standards and Technology (NIST)


Authors

  • Yuliadi Yuliadi Universitas Teknologi Sumbawa, Sumbawa, Indonesia
  • Yunanri. W Universitas Teknologi Sumbawa, Sumbawa, Indonesia
  • Fahri Hamdani Universitas Teknologi Sumbawa, Sumbawa, Indonesia
  • Yasinta Bella Fitriana Universitas Muhammadiyah Papua, Jayapura, Indonesia
  • Nabila Oper Institute Teknologi & Bisnis Stikom Ambon, Ambon, Indonesia

DOI:

https://doi.org/10.30865/klik.v3i6.830

Keywords:

Analysis; Security; DDOS; Attack; NIST

Abstract

Universitas Teknologi Sumbawa adalah salah satu Perguruan Tinggi Swasta yang berada di Kabupaten Sumbawa, dalam pelayanannya Universitas Teknologi Sumbawa menyediakan informasi berupa website baik informasi pengenalan Universitas ataupun yang berkaitan dengan seputar perkuliahan. Penelitian ini bertujuan untuk menganalisa serangan DDoS pada website Universitas Teknologi Sumbawa. Serangan Distributed Denial of Service menjadi salah satu pilihan hacker karena telah terbukti menjadi ancaman didunia internet. Serangan DDoS dapat membuat suatu website menjadi lambat atau bahkan down. Pada penelitian ini melakukan pengujian serangan DDoS menggunkan Low Orbit Ion Cannon (LOIC) pada website kemudian menganalisa serangan DDoS dan memonitoring lalu lintas jaingan menggunakan wireshark. Hasil dari penelitian ini Website UTS meliki keamanan yang baik diketahu dari hasil pengujian serangan DDoS yang walaupun sudah dilakukan penyerangan dari 500, 1000,5000 hingga 10.000 Packet website masih tetap bisa diakses walaupun lambat. Rekomendasi keamanan website dengan menerapkann teknik blacklist IP dan firewall untuk mengantisipasi terjadinya serangan DDoS

Downloads

Download data is not yet available.

References

A. F. Khumara, A. Sediyono, and G. B. Santoso, “Analysis of DDoS Attack Detection Using Neural Network Backpropagation Approach,” CESS (Journal Comput. Eng. Syst. Sci., vol. 7, no. 1, p. 129, 2022, doi: 10.24114/cess.v7i1.27090.

D. Kurnia, “Analisis Forensik Serangan SQL Injection dan DoS Menggunakan Instrution Detection System Pada Server Berbasis Lokal,” InfoTekJar J. Nas. Inform. dan Teknol. Jar., vol. 4, no. 2, pp. 208–212, 2020, [Online]. Available: https://jurnal.uisu.ac.id/index.php/infotekjar/article/view/2420.

J. Thome, L. K. Shar, D. Bianculli, and L. Briand, “An Integrated Approach for Effective Injection Vulnerability Analysis of Web Applications through Security Slicing and Hybrid Constraint Solving,” IEEE Trans. Softw. Eng., vol. 46, no. 2, pp. 163–195, 2020, doi: 10.1109/TSE.2018.2844343.

R. Umar and A. P. Marsaid, “Analisis Keamanan Jaringan LAN Terhadap Kerentanan Jaringan Ancaman DDoS Menggunakan Metode Penetration Testing,” vol. 10, no. 1, pp. 317–329, 2023, doi: 10.30865/jurikom.v10i1.5835.

C. D. Berliana, T. A. Saputra, and I. Gunawan, “Analisis Serangan dan Keamanan pada Denial of Service (DOS): Sebuah Review Sistematik,” JIIFKOM (Jurnal Ilm. Inform. Komputer) STTR Cepu, vol. 1, no. 2, pp. 33–38, 2022, [Online]. Available: https://www.sttrcepu.ac.id/jurnal/index.php/jiifkom/article/view/229/140.

M. A. Ridho and M. Arman, “Analisis Serangan DDoS Menggunakan Metode Jaringan Saraf Tiruan,” J. Sisfokom (Sistem Inf. dan Komputer), vol. 9, no. 3, pp. 373–379, 2020, doi: 10.32736/sisfokom.v9i3.945.

S. K. Ajagekar and V. Jadhav, “Automated Approach for DDOS Attacks Detection Based on Naive Bayes Multinomial Classifier,” Proc. 2nd Int. Conf. Trends Electron. Informatics, ICOEI 2018, pp. 1–5, 2018, doi: 10.1109/ICOEI.2018.8553848.

M. Cirillo, M. Di Mauro, V. Matta, and M. Tambasco, “Application-layer DDoS attacks with multiple emulation dictionaries,” ICASSP, IEEE Int. Conf. Acoust. Speech Signal Process. - Proc., vol. 2021-June, pp. 2610–2614, 2021, doi: 10.1109/ICASSP39728.2021.9413570.

F. Antony and R. Gustriansyah, “Deteksi Serangan Denial of Service pada Internet of Things Menggunakan Finite-State Automata,” MATRIK J. Manajemen, Tek. Inform. dan Rekayasa Komput., vol. 21, no. 1, pp. 43–52, 2021, doi: 10.30812/matrik.v21i1.1078.

R. Purba, W. S. Lestari, and M. Ulina, “Deteksi Serangan DDoS Mengunakan Deep Q-Network,” J. Tek. Inform. dan Sist. Inf., vol. 9, no. 1, pp. 648–658, 2022, [Online]. Available: http://jurnal.mdp.ac.id.

M. Alenezi, A. Agrawal, R. Kumar, and R. A. Khan, “Evaluating Performance of Web Application Security through a Fuzzy Based Hybrid Multi-Criteria Decision-Making Approach: Design Tactics Perspective,” IEEE Access, vol. 8, pp. 25543–25556, 2020, doi: 10.1109/ACCESS.2020.2970784.

H. Lin, S. Cao, J. Wu, Z. Cao, and F. Wang, “Identifying Application-Layer DDoS Attacks Based on Request Rhythm Matrices,” IEEE Access, vol. 7, pp. 164480–164491, 2019, doi: 10.1109/ACCESS.2019.2950820.

W. Meng, J. Lopez, S. Xu, C. Su, and R. Lu, “IEEE Access Special Section Editorial: Internet-of-Things Attacks and Defenses: Recent Advances and Challenges,” IEEE Access, vol. 9, pp. 108846–108850, 2021, doi: 10.1109/ACCESS.2021.3101889.

M. Zidane, “Klasifikasi Serangan Distributed Denial-Of-Service ( DDOS ) Menggunakan Metode Data Mining Naïve Bayes memperoleh gelar Sarjana Komputer Disusun oleh?:,” Univ. Brawijaya, vol. 6, no. 1, p. 63, 2021.

T. Mahjabin, Y. Xiao, T. Li, and C. L. P. Chen, “Load Distributed and Benign-Bot Mitigation Methods for IoT DNS Flood Attacks,” IEEE Internet Things J., vol. 7, no. 2, pp. 986–1000, 2020, doi: 10.1109/JIOT.2019.2947659.

T. H. Damayanti and I. R. Hikmah, “Network Forensic Serangan DoS pada Jaringan Cloud berdasarkan Generic Framework for Network Forensics (GFNF),” Edumatic J. Pendidik. Inform., vol. 6, no. 2, pp. 334–343, 2022, doi: 10.29408/edumatic.v6i2.6466.

S. Dwiyatno, A. P. Sari, A. Irawan, and S. Safig, “PENDETEKSI SERANGAN DDoS (DISTRIBUTED DENIAL OF SERVICE) MENGGUNAKAN HONEYPOT DI PT. TORINI JAYA ABADI,” J. Sist. Inf. dan Inform., vol. 2, no. 2, pp. 64–80, 2019, doi: 10.47080/simika.v2i2.606.

M. H. Hawarizmi, M. T. Kurniawan, and M. Fathinuddin, “Sistem Deteksi Serangan Ddos pada Software Defined Network Menggunakan Metode Entropy,” pp. 615–628.

H. Shimamoto, N. Yanai, S. Okamura, J. P. Cruz, S. Ou, and T. Okubo, “Towards Further Formal Foundation of Web Security: Expression of Temporal Logic in Alloy and Its Application to a Security Model with Cache,” IEEE Access, vol. 7, pp. 74941–74960, 2019, doi: 10.1109/ACCESS.2019.2920675.

R. Sardar and T. Anees, “Web of Things: Security Challenges and Mechanisms,” IEEE Access, vol. 9, pp. 31695–31711, 2021, doi: 10.1109/ACCESS.2021.3057655.


Bila bermanfaat silahkan share artikel ini

Berikan Komentar Anda terhadap artikel Analisis Keamanan Website Terhadap Serangan DDOS Menggunakan Metode National Institute of Standards and Technology (NIST)

Dimensions Badge

ARTICLE HISTORY


Published: 2023-06-24
Abstract View: 1386 times
PDF Download: 1955 times

Issue

Vol. 3 No. 6 (2023): Juni 2023

Section

Articles

Copyright (c) 2023 Yuliadi Yuliadi; Yunanri. W; Fahri Hamdani, Yasinta Bella Fitriana, Nabila Oper

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.

Authors who publish with this journal agree to the following terms:

  1. Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under Creative Commons Attribution 4.0 International License that allows others to share the work with an acknowledgment of the work's authorship and initial publication in this journal.
  2. Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgment of its initial publication in this journal.
  3. Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work (Refer to The Effect of Open Access).