DDoS ATTACK MITIGATION WITH INTRUSION DETECTION SYSTEM (IDS) USING TELEGRAM BOTS
Abstract
In the current IS/IT era, service to consumers is an absolute must to be prepared to survive in business competition. Physical and logical attacks with the aim of disrupting information technology services for individuals/agencies/companies or reducing the performance of IS/IT used. The development of IoT in the industrial revolution 4.0, which is all online, is a challenge in itself, from a negative point of view, all of them are able to carry out attacks on ISP servers, often carried out by hackers. DDoS (Distributed Denial of Service) attacks are the most common attacks. The development of software for DDoS attacks is very much on the internet, including UDP Unicorn software to attack very easily and can be done by anyone. Software for real-time monitoring of DDoS attacks, one of which is the Telegram bot. Telegram is a messaging system centered on security and confidentiality, while bots are computer programs that do certain jobs automatically. Telegram bot is free, lightweight and multiplatform. In the case study, this research contains 10 access points to the internet that will be mitigated from DDoS attacks. In this study, it was found that DDoS attacks caused traffic to become very high/congested by fulfilling upload traffic so that legitimate traffic users could not access the internet, connection to the internet was slow, the traffic was also unnatural, making it unable to connect to wireless devices and making Mikrotik login page becomes unable to appear. The purpose of this study is to mitigate DDoS attacks with the help of telegram bots so as to facilitate the notification of DDoS attacks in the event of an attack so that it is fast to deal with and find the perpetrators of the attack. The conclusion of this study is that DDoS attacks using UDP unicorn software resulted in a traffic spike of 53.5 Mbps on the upload traffic side, causing traffic for legitimate/authenticated users to slow down. By using telegram bots to know DDoS attacks occur in real time with a success rate of attack detection up to 100% notifications on telegram bots. Mitigation of DDoS attacks takes steps to track users using the torch feature on the routerboard interface menu, trace internet connection lines using wired or wireless transmission media, and ensure always monitoring the proxy interface from winbox.
Keywords
Full Text:
PDFReferences
Kabayankababayan, “Mengenal Bot Telegram,” 2015. https://rizaumami.github.io/2015/12/11/mengenal-bot-telegram/ (accessed Dec. 01, 2021).
N. Sugianti, Y. Galuh, S. Fatia, and K. F. H. Holle, “Deteksi Serangan Distributed Denial of Services (DDOS) Berbasis HTTP Menggunakan Metode Fuzzy Sugeno,” JISKA (Jurnal Inform. Sunan Kalijaga), vol. 4, no. 3, pp. 156–164, 2020, doi: 10.14421/jiska.2020.43-03.
J. C. J. Sihombing, D. P. Kartikasari, and A. Bhawiyuga, “Implementasi Sistem Deteksi dan Mitigasi Serangan Distributed Denial of Service (DDoS) menggunakan SVM Classifier pada Arsitektur Software-Defined Network (SDN),” J. Pengemb. Teknol. Inf. dan Ilmu Komput., vol. 3, no. 10, pp. 9608–9613, 2019.
M. Aziz, R. Umar, and F. Ridho, “Implemetasi Jaringan Saraf Tiruan untuk Mendeteksi Serangan DDoS pada Forensik Jaringan,” QUERY J. Sist. Inf., vol. 3, no. 1, pp. 46–52, 2019.
E. P. Nugroho, E. Nugraha, and M. N. Zulfikar, “Sistem Reporting Keamanan pada Jaringan Cloud Computing Melalui bot Telegram dengan Menggunakan Teknik Intrussion Detection and Prevention System,” J. Teknol. Terpadu, vol. 5, no. 2, pp. 49–57, 2019, [Online]. Available: https://journal.nurulfikri.ac.id/index.php/JTT/article/view/233.
J. Fahana, R. Umar, and F. Ridho, “Pemanfaatan Telegram sebagai Notifikasi Serangan untuk Jaringan Forensik,” Query J. Inf. Syst., vol. 1, no. 2, pp. 6–14, 2017, [Online]. Available: http://jurnal.uinsu.ac.id/index.php/query/article/view/1036.
D. Ariyus, INTRUSION DETECTION SYSTEM: Sistem Deteksi Penyusupan Pada Jaringan Komputer. Yogyakarta: Andi, 2007.
S. M. Mousavi, “Early Detection of DDoS Attacks in Software Defined Networks Controller,” in Thesis, Ottawa, 2014, pp. 77–81.
S. kumarasamy and R. Asokan, “Distributed Denial of Service (DDOS) Attacks Detection Mechanism,” Int. J. Comput. Sci. Eng. Inf. Technol., vol. 1, no. 5, pp. 39–49, 2011, doi: 10.5121/ijcseit.2011.1504.
A. Chopra, “Security Issues of Firewall,” Int. J. P2P Netw. Trends Technol., vol. 22, no. 1, pp. 4–9, 2016, doi: 10.14445/22492615/ijptt-v22p402.
citraweb, “Traffic Monitor Mikrotik,” mikrotik.id. https://mikrotik.id/artikel_lihat.php?id=289 (accessed Aug. 11, 2021).
S. R. Umami, “Mengenal Bot Telegram,” 2015, 2015. https://rizaumami.github.io/2015/12/11/mengenal-bot-telegram/ (accessed Aug. 11, 2021).
DOI: https://doi.org/10.31326/jisa.v4i2.1043
Refbacks
- There are currently no refbacks.
Copyright (c) 2021 Mohammad Taufan Asri Zaen, Ahmad Tantoni, Maulana Ashari
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.
JOURNAL IDENTITY
Journal Name: JISA (Jurnal Informatika dan Sains)
e-ISSN: 2614-8404, p-ISSN: 2776-3234
Publisher: Program Studi Teknik Informatika Universitas Trilogi
Publication Schedule: June and December
Language: Indonesia & English
APC: The Journal Charges Fees for Publishing
Indexing: EBSCO , DOAJ, Google Scholar, Arsip Relawan Jurnal Indonesia, Directory of Research Journals Indexing, Index Copernicus International, PKP Index, Science and Technology Index (SINTA, S4) , Garuda Index
OAI address: http://trilogi.ac.id/journal/ks/index.php/JISA/oai
Contact: jisa@trilogi.ac.id
Sponsored by: DOI – Digital Object Identifier Crossref, Universitas Trilogi
In Collaboration With: Indonesian Artificial Intelligent Ecosystem(IAIE), Relawan Jurnal Indonesia, Jurnal Teknologi dan Sistem Komputer (JTSiskom)
JISA (Jurnal Informatika dan Sains) is Published by Program Studi Teknik Informatika, Universitas Trilogi under Creative Commons Attribution-ShareAlike 4.0 International License.