Mengamankan Perangkat Jaringan Dari Serangan DDoS Menggunakan Fitur Firewall-RAW di Router MikroTik

Authors

  • Syaiful Bahri STKIP Al Maksum

Keywords:

DDoS attacks, DDoS attacks, Firewall-RAW, MikroTik Router, MikroTik Route

Abstract

DDoS (Denial of Service) attacks are a serious threat in network security that can cause services to become unavailable due to unusually high traffic volumes. This research aims to secure network devices from DDoS attacks by using the Firewall-RAW feature on the MikroTik Router. In tests carried out using MikroTik RouterOS, DDoS attacks were effectively prevented by using firewall rules that were set to reject packets that exceeded a predetermined threshold. However, the test results also show that the CPU Load of the device is still affected by DDoS attacks, although to a limited extent. This emphasizes that protecting against DDoS attacks is not an easy task, but the use of firewall rules can help reduce the system load due to these attacks. The recommended next step is to ensure the router device has sufficient CPU resources to anticipate the impact of a DDoS attack that may occur in the future. However, it is important to remember that firewall rules are only an additional protective measure and do not guarantee absolute protection from DDoS attacks. Therefore, there is a need for a comprehensive security strategy and appropriate infrastructure improvements to reduce the risk of greater DDoS attacks

Author Biography

Syaiful Bahri, STKIP Al Maksum

<em>DDoS (Denial of Service) attacks are a serious threat in network security that can cause services to become unavailable due to unusually high traffic volumes. This research aims to secure network devices from DDoS attacks by using the Firewall-RAW feature on the MikroTik Router. In tests carried out using MikroTik RouterOS, DDoS attacks were effectively prevented by using firewall rules that were set to reject packets that exceeded a predetermined threshold. However, the test results also show that the CPU Load of the device is still affected by DDoS attacks, although to a limited extent. This emphasizes that protecting against DDoS attacks is not an easy task, but the use of firewall rules can help reduce the system load due to these attacks. The recommended next step is to ensure the router device has sufficient CPU resources to anticipate the impact of a DDoS attack that may occur in the future. However, it is important to remember that firewall rules are only an additional protective measure and do not guarantee absolute protection from DDoS attacks. Therefore, there is a need for a comprehensive security strategy and appropriate infrastructure improvements to reduce the risk of greater DDoS attacks</em>

References

A. Fadlil, I. Riadi, and S. Aji, “Pengembangan Sistem Pengaman Jaringan Komputer Berdasarkan Analisis Forensik Jaringan,” Jurnal Ilmiah Teknik Elektro Komputer dan Informatika, vol. 3, no. 1, pp. 11–19, 2017

Dwiyatno,S., Sari,A. P., Irawan, A., & Safig, S.(2019). Pendeteksi Serangan Ddos (Distributed Denialof Service) Menggunakan Honeypot di PT. Torini Jaya Abadi. JurnalSistem Informasi dan Informatika(SIMIKA), 2(2), 64-80. DOI: https://doi.org/10.47080/simika.v2i2.606.

Winanto, C. A. (2016) “Deteksi serangan Denial of Service mengunakan Artificial Immune System,” Computer Engineering, 2(Faculty of Computer Science, Sriwijaya University), pp. 456–459.

A. Fadlil and S. Aji, “DDoS Attacks Classification using Numeric Attribute-based Gaussian Naive Bayes,” IJACSA) International Journal of Advanced Computer Science and Applications, vol. 8, no. 8, 2017

Liang,X.,& Znati, T. (2019). On The Performance Of Intelligent Techniques For Intensive And StealthyDDos Detection. Computer Networks, 164. DOI: https://doi.org/10.1016/j.comnet.2019.106906.

Yudhana,A.,Riadi,I.,& Ridho, F. (2018). DDoS Classification Using Neural Network and Naïve Bayes Methods for Network Forensics. International Journal of Advanced Computer Science and Applications(IJACSA),9(11), 177-183.DOI: http://dx.doi.org/10.14569/IJACSA.2018.091125

W. Meng, J. Lopez, S. Xu, C. Su, and R. Lu, “IEEE Access Special Section Editorial: Internet-of-Things Attacks and Defenses: Recent Advances and Challenges,” IEEE Access, vol. 9, pp. 108846–108850, 2021, doi: 10.1109/ACCESS.2021.3101889

R. Pambudi dan M. A. Muslim, “Implementasi Policy Base Routing dan Failover Menggunakan Router Mikrotik untuk Membagi Jalur Akses Internet di FMIPA Unnes,” J.Teknol. dan Sist. Komput., vol. 5, no. 2, hal. 57, 2017, doi: 10.14710/jtsiskom.5.2.2017.57-61.

A. Muzakir dan M. Ulfa, “Analisis Kinerja Packet Filtering Berbasis Mikrotik Routerboard Pada Sistem Keamanan jaringan,” Simetris J. Tek. Mesin, Elektro dan Ilmu Komput., vol. 10, no. 1, hal. 15–20, 2019, doi: 10.24176/simet.v10i1.2646

B. Jaya, Y. Yunus, dan S. Sumijan, “Peningkatan Keamanan Router Mikrotik Terhadap Serangan Denial of Service (DoS),” J. Sistim Inf. dan Teknol., vol. 2, no. 4, hal. 5–9, 2020, doi: 10.37034/jsisfotek.v2i4.81

Downloads

Published

2024-04-28

How to Cite

Bahri, S. (2024). Mengamankan Perangkat Jaringan Dari Serangan DDoS Menggunakan Fitur Firewall-RAW di Router MikroTik. KAKIFIKOM (Kumpulan Artikel Karya Ilmiah Fakultas Ilmu Komputer), 6(1), 1–6. Retrieved from https://ejournal.ust.ac.id/index.php/KAKIFIKOM/article/view/3589

Issue

Section

Artikel