
An Intrusion Prevention System (IPS) combines firewall techniques with an Intrusion Detection System (IDS) to counter threats on a network and then provide a warning. In contrast to an IDS, an IPS responds to traffic that is considered an attack. The dataset used in this research is Stratosphere CTU-25-5, which is processed with the Snort IDS engine to obtain attack patterns from botnet attacks. Once the patterns are recognized and the proper rules are in place, the results of the process are validated using machine learning with the Support Vector Machine method, giving an accuracy value of 98.3%. Furthermore, the Suricata engine is used as the IPS to handle botnet attack packets, specifically those caused by Zeus malware. This attack aims to sneak malware onto computers to infect them and make them part of the botnet. The system only acts on packets based on the rules used (rule-based).
Authors: At Thoriq Fitriansyah, Deris Stiawan, Ahmad Heryanto
Publish Year: 2021