IDS Performance Analysis using Anomaly-based Detection Method for DOS Attack

An Intrusion Detection System (IDS) is a system that detects suspicious activity in a network. Two approaches to IDS are known: signature-based and anomaly-based. The anomaly-based detection method was chosen to detect suspicious and abnormal activity that the signature-based method cannot detect. In this study, attack testing was carried out using three DoS tools, namely LOIC, Torshammer, and Xerxes, in test scenarios with IDS and without IDS. In the tests carried out, the IDS successfully detected the attacks that were sent; in order of the most attack packets delivered, the tools were Torshammer, Xerxes, and LOIC. In the detection of attacks on the FTP Server target, 9421 packets were obtained for Torshammer, 10618 packets for Xerxes, and 6115 packets for LOIC. For attacks on the Web Server target, 299 packets were obtained for Torshammer, 530 packets for Xerxes, and 103 packets for LOIC. The IDS performance results are an accuracy of 88.66%, a precision of 88.58%, and a false positive rate of 63.17%.
