Skripsi
SISTEM PENCEGAHAN SERANGAN DDOS TCP FLOOD MENGGUNAKAN ALGORITMA INGRESS/EGRESS FILTERING
DDoS TCP Flood attack is a condition where the attacker exploits the three-way handshaking mechanism of the TCP connection establishment process, where the server will be flooded with requests for SYN packets without being responded by the server. In preventing TCP Flood DDoS attacks, we need a system that will detect the attack pattern and then independently reject packets that indicated as attacks. In this study, the attack prevention system uses a combination of iptables in which the ingress/egress filtering algorithm is applied and Suricata is in charge of rejecting attack packets with known patterns. The packets sent will initially be filtered based on their prefix in iptables, if the packet has a valid prefix then the packet will be analyzed by Suricata which will determine whether the packet is forwarded to the destination IP address or will be rejected, in the end, the captured packet details on the attacker's computer, the prevention system, and the victim's computer will be validated and compared the number of prevention failures. From the results of testing the attack prevention system using the ingress/egress filtering algorithm, in preventing DDoS TCP Flood attacks, the success rate of preventing IP addresses with valid prefixes reaches 93.33%. while prevention for IP addresses with invalid prefixes (Spoofing), ingress/egress filtering managed to prevent all these attack packets
Inventory Code | Barcode | Call Number | Location | Status |
---|---|---|---|---|
2107002487 | T52821 | T528212021 | Central Library (Referens) | Available but not for loan - Not for Loan |
No other version available