<![CDATA[Network security is essential in today's rapid technological developments, especially to avoid undesirable things such as attacks carried out by irresponsible parties. An intrusion prevention system is one of the methods used in a network security system. One attack that causes weak server services is Distributed Denial of Service (DDoS). This research aims to develop a Suricata-based Intrusion Prevention System for network security at the research location and to carry out tests to prevent attacks on the network at the research location. This research uses a waterfall model consisting of 5 stages: Analysis, Design, Implementation, Testing and Maintenance. The results of the research carried out on the development of a Suricata-based Intrusion Prevention System were able to detect DDoS attacks (Syn Flood and Ping of Death) and block access to these attacks so that network traffic was stable by utilizing the firewall feature, namely Iptables. The Suricata-based Intrusion Prevention System (IPS) demonstrated strong performance in detecting DDoS attacks, with a 98% detection rate for Syn Flood attacks and a 95% detection rate for Ping of Death attacks. The system maintained an overall average detection rate of 96.5% across both attack types, while keeping false positives low, at 2% for Syn Flood and 3% for Ping of Death. This resulted in an overall false positive rate of 2.5%, indicating the IPS's effectiveness in accurately identifying threats with minimal erroneous alerts, thereby providing robust network security.]]>
Copyrights © 2024
