Author:
Ernawati T, Fachrozi M F, Syaputri D D
Abstract
The purpose of this study is to analyze the performance of IDS (PSAD, Portsentry and Suricata). The research methodology used was the Network Development Life Cycle (NDLC). The system was designed through several stages (system requirements analysis, system/software installation, configuration, and testing of software attacks). The system detects and monitors the number of suspicious activities that occur on the server (using a cloud service) or computer network. In the event of a threat, the system issues a warning and keeps records for analysis. The IDS performance tests are differentiated by three types of attack (port scanning, DDoS SYN flood and brute force attack); the parameters tested include speed of detection, detection accuracy and resource usage. Test results showed that Suricata and PSAD are superior in detection accuracy (100%). Suricata showed better performance in resource usage (average 1.64% CPU, 8.42% disk), while Portsentry is superior only in RAM usage (26.89%). PSAD was better in speed of detection (average 4.21 s). The results led to the conclusion that Suricata and PSAD offer better performance for use as network IDS.
Cited by
1 article.