COMPARATIVE STUDY OF DISTRIBUTED DENIAL OF SERVICE (DDOS) ATTACK DETECTION IN COMPUTER NETWORKS

Abstract

Distributed Denial of Service (DDoS) attack is an internet crime that aims to consume server resources so that the server becomes unusable. Suricata, Snort and Wireshark are useful software applications for detecting DDoS attacks. This study aims to compare the performance of the snort, suricata and wireshark applications in detecting Distributed Denial of Service attacks. The comparison parameters used are the total attacks that can be detected and memory usage. The type of attack used in testing is syn flood and ping of death. The research results obtained by Suricata became the most effective application in this study compared to snort and wireshark. Suricata excels in memory usage in the two types of attacks performed with the percentage of memory usage being 0.1891 GB (4.975%) during syn flood attacks and 0.00114 GB (0.03%) during ping of death attacks. Suricata also excels in the percentage of the total number of detected ping of death attacks, namely 86,472%.