Denial of Service (DoS) Attack and Intrusion Detection System (IDS)

On 04th December 2020, I was invited to share about DoS and IDS to Cyber Security Specialist Student from BINUS University.

They are fresh when hearing about topic in their field.

First Slide after Introduction, i reaffirm that it was educational purpose only. Don’t try this illegally or you’ll be in prison by UU 11 (2008) which revised with UU 19 (2016). Be an ethical hacker!

Denial of Service is an attack which flooding request with the intention to make a certain service unavailable by using client/connection.

Types of DDOS?
1) Volume Based Attack;
2) Protocol Attack;
3)Application Layer Attack.

DoS uses single client as attacker, and DDoS use multiple client as attacker. It’s the main difference between these attack. What is the solution?

The opposite of DDoS is anti-DDoS right?
How about the other solution? IDS, IPS, monitoring tools like cloud monitor, or etc can be a solution.

DDoS Solution

After doing demo about DoS attack, i try to move to IDS as next topic.

IDS is a device, it will monitor real-time network traffic and trace anomaly for any suspicious activity.

By location, IDS has two types.
1) Network-Based, it will be only single device which can monitor all traffic in one network;
2) Host-Based, it will be used agent for each instance which wanted to be monitored.

Methods of Detection, they are two!
1) Rule-Based, we define the rule and all traffic which suit with the rule, will be detected and noted in the log file;
2) Anomaly Detection, the system itself will use data to forecast the future traffic and if it’s out of system’s forecast then it will be classified as intrusion.

You can use several tool with quite similar function.
1) Wazuh;
2) Snort;
3) Cloudflare;
4) Akamai;
5) Security Center;
6) etc (Choose what you want)

Similar tool

To be motivated, I show several certification that they can try to explore more about Cyber Security field. I show CPSP for Payment Security, CND maybe for blue team, CEH maybe for red team, and also if they want to learn about security on cloud then they should try Alibaba ACA/ACP/ACE Cloud Security, etc.

Several Certification

Published by boy.suganda

My name is Boy Suganda Sinaga. I worked as Site Reliability Engineer (SRE) at Shipper Indonesia. I'm still developing my skill, both hard-skill and soft-skill. Let's work together, to bring better future for others.

Leave a Reply

Your email address will not be published. Required fields are marked *