Internal Threat Defense using Network Access Control and Intrusion Prevention System

Putra, Andhika Surya; Surantha, Nico

doi:10.14569/ijacsa.2019.0100948

Cited by 2 publications

(2 citation statements)

References 10 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The test results obtained that the integration of cisco ISE as Network Access Control (NAC) and Cisco Firepower 8250 devices as IPS can prevent attacks to HTTP ports, SQL Injection, and OS Bash Injection Attack the server from internal attacks. Compared to using only NAC devices because Cisco ISE devices can not prevent such attacks [4].…”

Section: Literature Reviewmentioning

confidence: 99%

Evaluation of Data Center Network Security based on Next-Generation Firewall

Alhasan¹,

Surantha²

2021

IJACSA

Self Cite

View full text Add to dashboard Cite

This study aims to create a network security system that can mitigate attacks carried out by internal users and reduce attacks from internal networks. Further, a network security system is expected to overcome the difficulty of mitigating attacks carried out by internal users. The goal of this research is to analyze the effectiveness of the Next-Generation Firewall implemented to improve network security. The method used in this research is the comparison method with a test of TCP SYN attack, UDP flood attack, ICMP smurf attack, and DHCP starvation attack on a company network. From the experiment results, it can be concluded that the Next-Generation Firewall has significantly better performance for protecting mitigating attacks carried out by internal users on a company network. It can increase the security of data communication networks against threats from the internal networks.

show abstract

Section: Literature Reviewmentioning

confidence: 99%

Evaluation of Data Center Network Security based on Next-Generation Firewall

Alhasan¹,

Surantha²

2021

IJACSA

Self Cite

View full text Add to dashboard Cite

show abstract

“…It is crucial to safeguard computer networks and systems from unauthorized access and malicious activities. IDPS monitors network traffic and analyzes it for any signs of suspicious or malicious behavior [17]- [19]. IDPS includes detecting and preventing unauthorized access attempts, malware attacks, and other security breaches [20], [21].…”

Section: Introductionmentioning

confidence: 99%

Strengthening Network Security: Evaluation of Intrusion Detection and Prevention Systems Tools in Networking Systems

Prabowo,

Fauziah,

Nahrowi

et al. 2023

IJACSA

View full text Add to dashboard Cite

This study aims to enhance network security by comprehensively evaluating various Intrusion Detection and Prevention Systems tools in networking systems. The objectives of this research were to assess the performance of different IDPS tools in terms of computer resources utilization, Quality of Service metrics namely delay, jitter, throughput, and packet loss, and their effectiveness in countering Distributed Denial of Service attacks, specifically ICMP Flood and SYN Flood. The evaluation used popular IDPS tools, including Snort, Suricata, Zeek, OSSEC, and Honeypot Cowrie. Real attack scenarios were simulated to measure the tools performance. The results indicated CPU and RAM usage variations among the tools, with Snort and Suricata showing efficient resource utilization. Regarding QoS metrics, Snort demonstrated superior performance in delay, jitter, throughput, and packet loss mitigation for both attack types. The implication for further research lies in exploring the optimal configurations and finetuning of IDPS tools to achieve the best possible network security against DDoS attacks. This research provides valuable insights into selecting appropriate IDPS tools for network administrators, cybersecurity professionals, and organizations to fortify their infrastructure against evolving cyber threats.

show abstract

Internal Threat Defense using Network Access Control and Intrusion Prevention System

Cited by 2 publications

References 10 publications

Evaluation of Data Center Network Security based on Next-Generation Firewall

Evaluation of Data Center Network Security based on Next-Generation Firewall

Strengthening Network Security: Evaluation of Intrusion Detection and Prevention Systems Tools in Networking Systems

Contact Info

Product

Resources

About