Implementation of IDS Using Snort with Barnyard2 Visualization for Network Monitoring in The Informatics Engineering Computer Lab at Muhammadiyah University Surakarta

Baihaqi Fatah Muhammad, Ihsan Cahyo Utomo

Abstract


The recent surge in cyberattacks should not be taken lightly, especially by large enterprises that hold sensitive data. Intrusion Detection Systems (IDS) are becoming a critical component for detecting network anomalies. One such tool is Snort, paired here with a BASE (Basic Analysis and Security Engine) front end for efficient analysis of alert data. As the bridge between Snort and BASE, the authors use Barnyard2 as a back end that reads the logs produced by Snort and stores them in the database. The implementation methodology is experimental: the authors refine the setup through trial and error until the desired results are achieved. The IDS was tested against two classes of attack, DDoS and SQL injection. The DDoS tests used Hping3 from Kali Linux in six scenarios (FIN, ACK, RST, UDP, SYN and ICMP floods), and each was recorded in the Snort database. The SQL injection test used the deliberately vulnerable DVWA web application, and the attack was likewise recorded in the Snort database as it was carried out. These results show that, for the rules deployed and the penetration tests performed, the system's detection accuracy approaches 100%.
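The abstract names the six Hping3 flood scenarios and the DVWA SQL injection test but does not reproduce the Snort rules used, so the following is an added example rather than code from the paper or from the Snort project. It models the rule shape a practitioner would write for those tests (a `flags:` or protocol match combined with `detection_filter: track by_src, count N, seconds S`, plus a `pcre:` match on the HTTP URI for the SQL injection case) and replays it over constructed packet records, so that a single legitimate SYN does not alert while a flood from one source does. The rule SIDs, thresholds, hosts and traffic are all assumptions made for the example; real values depend on the lab's baseline traffic.

```python
"""Rule-style flood and SQL-injection detection over constructed packet records.

Added example (not the paper's code): mirrors the Snort rules one would write for
the six hping3 scenarios (FIN, ACK, RST, SYN, UDP, ICMP) and a DVWA-style SQL
injection, including detection_filter semantics (track by_src, count N, seconds S).
"""
import re
from collections import defaultdict, deque
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Packet:
    ts: float          # seconds
    src: str
    dst: str
    proto: str         # "tcp", "udp" or "icmp"
    dport: int = 0
    flags: str = ""    # TCP flag letters as Snort writes them: S A F R P U
    payload: str = ""  # decoded application data, if any


@dataclass(frozen=True)
class Rule:
    sid: int
    msg: str
    proto: str
    flags: Optional[str] = None   # Snort "flags:" option, exact match; None = any
    dport: Optional[int] = None
    pcre: Optional[str] = None    # Snort "pcre:" option, applied to the payload
    count: int = 1                # detection_filter: count
    seconds: int = 1              # detection_filter: seconds


@dataclass(frozen=True)
class Alert:
    ts: float
    sid: int
    msg: str
    src: str


# Rules shaped like local.rules entries for the six hping3 scenarios and the DVWA
# SQLi test. SIDs and thresholds are assumptions for this example.
RULES = [
    Rule(1000001, "hping3 FIN flood", "tcp", flags="F", count=20, seconds=1),
    Rule(1000002, "hping3 ACK flood", "tcp", flags="A", count=20, seconds=1),
    Rule(1000003, "hping3 RST flood", "tcp", flags="R", count=20, seconds=1),
    Rule(1000004, "hping3 SYN flood", "tcp", flags="S", count=20, seconds=1),
    Rule(1000005, "hping3 UDP flood", "udp", count=20, seconds=1),
    Rule(1000006, "hping3 ICMP flood", "icmp", count=20, seconds=1),
    Rule(1000007, "SQL injection in HTTP URI", "tcp", dport=80,
         pcre=r"(?i)(%27|')\s*(or|and|union)\b"),
]


class Detector:
    """Applies rules with Snort detection_filter semantics (track by_src)."""

    def __init__(self, rules):
        self.rules = rules
        self._seen = defaultdict(deque)   # (sid, src) -> timestamps inside the window

    def _matches(self, rule, pkt):
        if pkt.proto != rule.proto:
            return False
        if rule.dport is not None and pkt.dport != rule.dport:
            return False
        # Snort "flags:S" matches packets with exactly SYN set (reserved bits aside)
        if rule.flags is not None and set(pkt.flags) != set(rule.flags):
            return False
        if rule.pcre is not None and not re.search(rule.pcre, pkt.payload):
            return False
        return True

    def _over_threshold(self, rule, pkt):
        # Sliding window per (rule, source): alert on the count-th packet and after
        q = self._seen[(rule.sid, pkt.src)]
        q.append(pkt.ts)
        while q and pkt.ts - q[0] > rule.seconds:
            q.popleft()
        return len(q) >= rule.count

    def feed(self, pkt):
        return [Alert(pkt.ts, r.sid, r.msg, pkt.src)
                for r in self.rules
                if self._matches(r, pkt) and self._over_threshold(r, pkt)]


def run(packets, rules=RULES):
    det = Detector(rules)
    alerts = []
    for p in sorted(packets, key=lambda p: p.ts):
        alerts.extend(det.feed(p))
    return alerts


def constructed_traffic():
    """Constructed sample traffic (not a capture from the paper's lab)."""
    pkts = [Packet(0.0, "10.0.0.9", "10.0.0.1", "tcp", 80, "S")]          # one legitimate SYN
    pkts += [Packet(1.0 + i * 0.01, "10.0.0.5", "10.0.0.1", "tcp", 80, "S")   # hping3 -S flood
             for i in range(30)]
    pkts += [Packet(2.0 + i * 0.02, "10.0.0.5", "10.0.0.1", "icmp")            # hping3 -1 flood
             for i in range(25)]
    pkts += [Packet(3.0 + i * 0.05, "10.0.0.6", "10.0.0.1", "udp", 53)         # below threshold
             for i in range(10)]
    pkts.append(Packet(4.0, "10.0.0.7", "10.0.0.1", "tcp", 80, "PA",            # DVWA-style SQLi
                       "GET /vulnerabilities/sqli/?id=1' OR '1'='1&Submit=Submit HTTP/1.1"))
    return pkts


def summarize(alerts):
    """Alerts per signature: the per-signature count BASE shows from the snort database."""
    counts = defaultdict(int)
    for a in alerts:
        counts[a.sid] += 1
    return dict(counts)


if __name__ == "__main__":
    for sid, n in sorted(summarize(run(constructed_traffic())).items()):
        print(sid, n)
```

In a real deployment the SYN rule above would be written in local.rules as `alert tcp any any -> $HOME_NET any (msg:"hping3 SYN flood"; flags:S; detection_filter: track by_src, count 20, seconds 1; sid:1000004; rev:1;)`, Snort would emit the alerts through its unified2 output, and Barnyard2 would read that spool and insert the events into the MySQL database that BASE queries. The window logic is the point to check when tuning: a source that sends fewer than `count` packets per `seconds` never alerts, so the threshold has to sit above the lab's normal per-host rate but below what Hping3 produces in flood mode.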



DOI: https://doi.org/10.29040/ijcis.v4i4.142



This work is licensed under a Creative Commons Attribution 4.0 International License.