Integrated Security System Implementation for Network Intrusion
Network security systems vary widely according to the circumstances and conditions concerned. A network security system plays a very important role in maintaining network security: it prevents attacks and protects against frequent attacks on a device through a network, both in terms of malware administration and data theft. This research aims to build a honeypot security system that serves as a trap, detects attacks, and yields useful information from malware analysis results. It also focuses on the extent to which a HIDS-based IDS can detect attacks common in the network, with the Dionaea honeypot serving as an attractor for attackers, and on what information is obtained when performing malware analysis using Cuckoo Sandbox. The implementation is carried out with six active users in one network and pays attention to whether the IDS can detect the attacker. The results show that a HIDS-based IDS has the advantage of monitoring digital data, and based on the results obtained from the brute force attack attempts, 65.55% detected an attempt to log in using an unregistered username, 29.16% detected a failed login attempt, 4.17% detected a double login in a short time, and 1.11% detected a brute force attempt to gain access to the system. Cuckoo Sandbox can provide malware information in the form of what types of malware are analyzed, how the malware behaves, and how the malware impacts the systems attacked.
Keywords: Honeypot, Intrusion Detection System, malware, network, security.