PEMANFAATAN KERANGKA KERJA INVESTIGASI FORENSIK JARINGAN UNTUK IDENTIFIKASI SERANGAN JARINGAN MENGGUNAKAN SISTEM DETEKSI INTRUSI (IDS)

Abstract

One of the media to secure computers is to apply Intrusion Detection System (IDS) technology. IDS is an early detection system in the event of a computer network attack. The IDS will alert the computer network administrator in the event of a computer network attack. IDS also records all attempts and activities aimed at disrupting computer networks and other computer network attacks. The purpose of this study is to implement IDS on network systems and analyze IDS logs to determine the types and types of computer network attacks. Logs on the IDS will be analyzed in depth to be used as an effort to improve computer network security. The research method that will be used is applied research. The research was carried out using the Network Forensic Investigation Framework proposed by Pilli, Joshi and Niyogi. The stages of the Network Forensic Investigation Framework are used to perform network simulations, analysis and investigations to determine the types of computer network attacks. The results show that the Network Forensic Investigation Framework facilitates the investigation process when a network attack occurs. The Network Forensic Investigation Framework is effectively used when the computer network has network security support applications such as IDS or others. IDS is effective in detecting network scanning activities and DOS attacks. IDS provides alerts to administrators because there are activities that violate the rules on the IDS.