针对DDoS和暴力破解攻击的入侵防御系统Fail2ban在服务器上的实现

Fazar Dawamsyach, Ikhwan Ruslianto, Uray Ristian
{"title":"针对DDoS和暴力破解攻击的入侵防御系统Fail2ban在服务器上的实现","authors":"Fazar Dawamsyach, Ikhwan Ruslianto, Uray Ristian","doi":"10.24114/cess.v8i1.40259","DOIUrl":null,"url":null,"abstract":"Server security is an important thing that must be considered so that the server can work well and serve users. Attacks on servers can threaten server performance and data security in it. According to the National Cyber and Crypto Agency 2020 report, ports 22 and 80 were the top ports with the most attacks. One of the attacks on port 22 is brute force and an attack on port 80 is Distributed Denial of Service (DDoS). To solve this problem, a study was conducted to implement fail2ban IPS (Intrusion Prevention System) to increase server security. The attacks tested focused on brute force attacks on port 22 and DDoS attacks on port 80 using the TCP protocol. The fail2ban system is equipped with a website interface and notifications via telegram. The test results show that DDoS attacks have more impact on CPU performance with the highest increase in CPU being 92%, while brute force attacks have more impact on server memory performance with the highest increase in memory by 100%. The increase in server performance results in slowed server performance. The system managed to prevent DDoS attacks with an average speed of 0.5 seconds while brute force attacks were 6.1 seconds. The system managed to prevent DDoS attacks with a total of 88 attacks and brute force attacks with a total of 864 attacks.","PeriodicalId":53361,"journal":{"name":"CESS Journal of Computer Engineering System and Science","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2023-01-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Implementation of IPS (Intrusion Prevention System) Fail2ban on Server for DDoS and Brute Force Attacks\",\"authors\":\"Fazar Dawamsyach, Ikhwan Ruslianto, Uray Ristian\",\"doi\":\"10.24114/cess.v8i1.40259\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Server security is an important thing that must be considered so that the server can work well and serve users. Attacks on servers can threaten server performance and data security in it. According to the National Cyber and Crypto Agency 2020 report, ports 22 and 80 were the top ports with the most attacks. One of the attacks on port 22 is brute force and an attack on port 80 is Distributed Denial of Service (DDoS). To solve this problem, a study was conducted to implement fail2ban IPS (Intrusion Prevention System) to increase server security. The attacks tested focused on brute force attacks on port 22 and DDoS attacks on port 80 using the TCP protocol. The fail2ban system is equipped with a website interface and notifications via telegram. The test results show that DDoS attacks have more impact on CPU performance with the highest increase in CPU being 92%, while brute force attacks have more impact on server memory performance with the highest increase in memory by 100%. The increase in server performance results in slowed server performance. The system managed to prevent DDoS attacks with an average speed of 0.5 seconds while brute force attacks were 6.1 seconds. The system managed to prevent DDoS attacks with a total of 88 attacks and brute force attacks with a total of 864 attacks.\",\"PeriodicalId\":53361,\"journal\":{\"name\":\"CESS Journal of Computer Engineering System and Science\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2023-01-21\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"CESS Journal of Computer Engineering System and Science\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.24114/cess.v8i1.40259\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"CESS Journal of Computer Engineering System and Science","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.24114/cess.v8i1.40259","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0

摘要

服务器安全性是一个必须考虑的重要因素,这样服务器才能正常工作并为用户服务。对服务器的攻击可能威胁服务器性能和数据安全。根据国家网络和加密机构2020年的报告,端口22和80是攻击最多的端口。对端口22的攻击之一是暴力攻击,对端口80的攻击是分布式拒绝服务(DDoS)。为了解决这个问题,研究了如何实现fail2ban IPS(入侵防御系统)来提高服务器的安全性。测试的攻击集中在使用TCP协议的端口22上的暴力攻击和端口80上的DDoS攻击。fail2ban系统配备了网站界面和通过电报进行通知。测试结果表明,DDoS攻击对CPU性能的影响更大,CPU最高增长92%,而暴力攻击对服务器内存性能的影响最大,内存最高增长100%。服务器性能的提高导致服务器性能降低。该系统成功阻止了DDoS攻击,平均速度为0.5秒,而暴力攻击则为6.1秒。该系统成功阻止了DDoS攻击(共88次)和暴力攻击(共864次)。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
查看原文
分享 分享
微信好友 朋友圈 QQ好友 复制链接
本刊更多论文
Implementation of IPS (Intrusion Prevention System) Fail2ban on Server for DDoS and Brute Force Attacks
Server security is an important thing that must be considered so that the server can work well and serve users. Attacks on servers can threaten server performance and data security in it. According to the National Cyber and Crypto Agency 2020 report, ports 22 and 80 were the top ports with the most attacks. One of the attacks on port 22 is brute force and an attack on port 80 is Distributed Denial of Service (DDoS). To solve this problem, a study was conducted to implement fail2ban IPS (Intrusion Prevention System) to increase server security. The attacks tested focused on brute force attacks on port 22 and DDoS attacks on port 80 using the TCP protocol. The fail2ban system is equipped with a website interface and notifications via telegram. The test results show that DDoS attacks have more impact on CPU performance with the highest increase in CPU being 92%, while brute force attacks have more impact on server memory performance with the highest increase in memory by 100%. The increase in server performance results in slowed server performance. The system managed to prevent DDoS attacks with an average speed of 0.5 seconds while brute force attacks were 6.1 seconds. The system managed to prevent DDoS attacks with a total of 88 attacks and brute force attacks with a total of 864 attacks.
求助全文
通过发布文献求助,成功后即可免费获取论文全文。 去求助
来源期刊
自引率
0.00%
发文量
40
审稿时长
4 weeks
期刊最新文献
Implementation of the Multimedia Development Life Cycle in Making Educational Games About Indonesia Data Mining Algorithm Decision Tree Itterative Dechotomiser 3 (ID3) for Classification of Stroke Implementation of Weight Aggregated Sum Product Assessment (WASPAS) on the Selection of Online English Course Platforms Usability of Brain Tumor Detection Using the DNN (Deep Neural Network) Method Based on Medical Image on DICOM Performance Comparison Analysis of Multi Prime RSA and Multi Power RSA
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
已复制链接
已复制链接
快去分享给好友吧!
我知道了
×
扫码分享
扫码分享
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1