Komparasi Mod Evasive dan DDoS Deflate Untuk Mitigasi Serangan Slow Post

Authors

  • Jupriyadi Jupriyadi Universitas Teknokrat Indonesia https://orcid.org/0000-0002-0909-3333
  • Budi Hijriyanto Universitas Teknokrat Indonesia
  • Faruk Ulum Universitas Teknokrat Indonesia

DOI:

https://doi.org/10.33633/tc.v20i1.4116

Keywords:

denial of service, slow post, web server, ddos deflate, mod-evasive

Abstract

Web server merupakan server yang memberikan layanan berbasis web dan harus mampu melayani pengguna saat dibutuhkam. Namun tidak menutup kemungkinan web server dapat mengalami gangguan akibat ancaman dan serangan yang dilakukan oleh pihak yang tidak bertanggungjawab. Salah satu ancaman yang dapat menggangu web server adalah  serangan Denial of Service (DOS) menggunakan teknik slow post yang dapat menyebabkan layanan pada web server tidak dapat diakses. Penelitian ini akan menguji dua buah metode pengamanan yang dapat digunakan untuk mengurangi dampak serangan DoS yaitu mod-evasive dan ddos deflate. Berdasarkan eksperimen yang telah dilakukan dapat diambil kesimpulan bahwa ddos deflate merupakan metode yang lebih baik dibandingkan dengan mod-evasive dalam mengatasi serangan DOS karena ddos deflate mampu mendeteksi dan dapat memutus koneksi yang berlebihan sesuai dengan konfigurasi yang dilakukan.

References

Arman, M., 2020. Metode Pertahanan Web Server Terhadap Distributed Slow HTTP DoS Attack. JATISI (Jurnal Teknik Informatika dan Sistem Informasi), 7(1), pp.56-70.

J. Park, 2015, Analysis of Slow Read DoS Attack and Countermeasures on Web servers, Int. J. Cyber-Security Digit. Forensics, vol. 4, no. 2, hal. 339–353

Unrein, E., Fish, D., Boeker, J., & Sun, W. (2012). Living in denial-A comparison of distributed denial of service mitigation methods. Issues in Information Systems, 13(1), 190-198.

M. Yeasir, M. Morshed, dan M. Fakrul, 2015, A Practical Approach and Mitigation Techniques on Application Layer DDoS Attack in Web Server. Int. J. Comput. Appl., vol. 131, no. 1, hal. 13–20

Hari Siswantoro, A Sumarudi, Agus Mulyanto, Riri Fitri Sari, 2012, Comparison of Singlehoming and Multihoming Honeypot Defense System to Mitigate Flooding based DDoS Attacks, International Conference on Computer and Management (CAMAN)

D. P. Mishra dan K. Sourav, 2012, DDoS Detection and Defense: Client Termination Approach, hal. 2–6.

D. S. B. Sangeetha, 2015, DDoS Deflate and APF (Advanced Policy Firewall) : A Report Int. J. Comput. Trends Technology, vol. 27, no. 2, hal. 64–69

Yevsieieva O, Helalat SM. 2017, Analysis of the impact of the slow http dos and ddos attacks on the cloud environment, 4th international scientific-practical conference problems of infocommunications. Science and technology (PICSI&T), IEEE, pp. 519–23

S.N.M.P. Simamora, L. N. Lubis, A. Sularsa, 2012, Implementasi Pencegahan Serangan Interruption Jenis Flooding Terhadap Keamanan Layanan Video-Streaming, Jurnal Ilmiah Ilmu Komputer, Vol. 8 No. 2 Maret 2012: 153-165

Marquette S. 2017, Types of DDoS attacks, https://www.esecurityplanet.com/network-security/types-of-ddos-attacks.html, Diakses tanggal 30 Juli 20 September 2020

Jefferson González, 2018, Fork of DDoS Deflate with fixes, improvements and new features, https://github.com/jgmdev/ddos-deflate, Diakses tanggal 30 Agustus 2020

Francisndungu, 2018, How to Secure Apache Web Server with ModEvasive on Ubuntu 16.04, https://www.alibabacloud.com/blog/how-to-secure-apache-web-server-with-modevasive-on-ubuntu-16-04_59405, Diakses 10 September 2020

Modi H. NETSCOUT threat intelligence report. Technical report. 2018, https://www.netscout.com/sites/default/files/2019-02/SECR_001_EN-1901%20-%20NETSCOUT%20Threat%20Intelligence%20Report%202H%202018.pdf. Diakses tanggal 25 September 2020.

Muhammad Suyuti Ma’sum, M. Azhar Irwansyah, Heri Priyanto, 2017, Analisis Perbandingan Sistem Keamanan Jaringan Menggunakan Snort dan Netfilter, Jurnal Sistem dan Teknologi Informasi (JUSTIN) Vol.5,No.1, (2017)

Micky Barzilay, 2019, Mitigating_HTTP_Flooding_Attacks on Apache HTTP Web Server, London Metropolitan University

Downloads

Published

2021-02-09

Issue

Vol. 20 No. 1 (2021): Februari 2021

Section

Articles

License

Copyright (c) 2021 Jupriyadi Jupriyadi, Faruk Ulum, Budi Hijriyanto

Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.

 

License Terms

All articles published in Techno.COM Journal are licensed under the Creative Commons Attribution-NonCommercial 4.0 International (CC BY-NC 4.0). This means:

1. Attribution

Readers and users are free to:

  • Share – Copy and redistribute the material in any medium or format.

  • Adapt – Remix, transform, and build upon the material.

As long as proper credit is given to the original work by citing the author(s) and the journal.

2. Non-Commercial Use

  • The material cannot be used for commercial purposes.

  • Commercial use includes selling the content, using it in commercial advertising, or integrating it into products/services for profit.

3. Rights of Authors

  • Authors retain copyright and grant Techno.COM Journal the right to publish the article.

  • Authors can distribute their work (e.g., in institutional repositories or personal websites) with proper acknowledgment of the journal.

4. No Additional Restrictions

  • The journal cannot apply legal terms or technological measures that restrict others from using the material in ways allowed by the license.

5. Disclaimer

  • The journal is not responsible for how the published content is used by third parties.

  • The opinions expressed in the articles are solely those of the authors.

For more details, visit the Creative Commons License Page:
? https://creativecommons.org/licenses/by-nc/4.0/

 

Most read articles by the same author(s)

Obs.: This plugin requires at least one statistics/report plugin to be enabled. If your statistics plugins provide more than one metric then please also select a main metric on the admin's site settings page and/or on the journal manager's settings pages.