Implementasi Snort pada Simulator GRFICSv2 sebagai Sarana Pembelajaran di Poltek SSN

Authors

  • Rahmat Purwoko Politeknik Siber dan Sandi Negara
  • Marcella

DOI:

https://doi.org/10.56706/ik.v18i1.87

Keywords:

ICS, Poltek SSN, Simulator, Uji-t berpasangan

Abstract

Pada beberapa tahun terakhir kasus kejahatan siber semakin meningkat serta target serangan semakin beragam. Industrial Control System (ICS) sebagai infrastruktur kritis juga menjadi target serangan siber. Politeknik Siber dan Sandi Negara (Poltek SSN) memiliki program studi Rekayasa Keamanan Siber (RKS) yang bertujuan mencetak praktisi keamanan siber nasional. Untuk meningkatkan keterampilan taruna Poltek SSN dapat dilakukan pembelajaran yang mampu memberikan simulasi terkait proses fisik ICS. Penelitian ini menggunakan simulator Graphical Realism Framework for Industrial Control Simulation versi 2 (GRFICSv2) untuk memberikan gambaran mengenai proses fisik ICS dengan penambahan aspek keamanan berupa Intrusion Detection System (IDS) Snort. Penelitian ini menggunakan simulasi serangan Injecting Malicious Modbus Command dan Uploading Malicious PLC Program. Serangan dilakukan dengan menargetkan simulator dan IDS Snort memberikan informasi atau alert. Pengujian pemahaman berupa pre-test dan pos-test diberikan kepada taruna Poltek SSN untuk mengetahui pemahaman terhadap proses fisik dan keamanannya. Hasil pengujian yang didapatkan diolah menggunakan uji-t berpasangan untuk mengetahui perbedaan nilai rata-rata sebelum dan sesudah adanya simulator.

References

Referensi

Direktorat Operasi Keamanan Siber BSSN, “Laporan Tahunan Monitoring Keamanan Siber 2021”.

V. Gkioulos And N. Chowdhury, “Cyber Security Training For Critical Infrastructure Protection: A Literature Review,” Computer Science Review, Vol. 40. Elsevier Ireland Ltd, May 01, 2021. DOI: 10.1016/J.Cosrev.2021.100361.

K. S. Robbani And A. H. Reksoprodjo, “Perlindungan Infrastruktur Informasi Kritikal Nasional Sektor Ketenagalistrikan Dari Ancaman Siber Critical National Information Infrastructure Protection On Electricity Sector From Cyber Threats.”

M. Conti, D. Donadel, And F. Turrin, “A Survey On Industrial Control System Testbeds And Datasets For Security Research,” Feb. 2021, DOI: 10.1109/Comst.2021.3094360.

M. A. Teixeira, T. Salman, M. Zolanvari, R. Jain, N. Meskin, And M. Samaka, “Scada System Testbed For Cybersecurity Research Using Machine Learning Approach,” Future Internet, Vol. 10, No. 8, Aug. 2018, DOI: 10.3390/Fi10080076.

“Keamanan Siber – Politeknik Siber Dan Sandi Negara.” https://poltekssn.ac.id/rks/ (Accessed Oct. 22, 2022).

D. Formby, M. Rad, And R. Beyah, “Lowering The Barriers To Industrial Control System Security With Grfics,” 2018.

G. Samrat Krishna, T. Srinivasa Ravi Kiran, And A. Srisaila, “Testing Performance Of Raspberrypi As Ids Using Snort,” Mater Today Proc, Feb. 2021, DOI: 10.1016/J.Matpr.2021.01.607.

“What Is Snort?” Https://Www.Snort.Org/Faq/What-Is-Snort (Accessed Oct. 22, 2022).

G. K. Bada, W. K. Nabare, And D. K. K. Quansah, “Comparative Analysis Of The Performance Of Network Intrusion Detection Systems: Snort, Suricata And Bro Intrusion Detection Systems In Perspective,” Int J Comput Appl, Vol. 176, No. 40, Pp. 39–44, Jul. 2020, DOI: 10.5120/Ijca2020920513.

K. Stouffer, V. Pillitteri, S. Lightman, M. Abrams, And A. Hahn, “Guide To Industrial Control Systems (ICS) Security,” Gaithersburg, Md, Jun. 2015. DOI: 10.6028/Nist.Sp.800-82r2.

A. Abou El Kalam, “Securing Scada And Critical Industrial Systems: From Needs To Security Mechanisms,” International Journal Of Critical Infrastructure Protection, Vol. 32, Mar. 2021, DOI: 10.1016/J.Ijcip.2020.100394.

D. Upadhyay And S. Sampalli, “Scada (Supervisory Control And Data Acquisition) Systems: Vulnerability Assessment And Security Recommendations,” Comput Secur, Vol. 89, Feb. 2020, DOI: 10.1016/J.Cose.2019.101666.

A. Ghaleb, S. Zhioua, And A. Almulhem, “On Plc Network Security,” International Journal Of Critical Infrastructure Protection, Vol. 22, Pp. 62–69, Sep. 2018, DOI: 10.1016/J.Ijcip.2018.05.004.

Ieee Staff, 2018 Ieee 5th International Conference On Methods And Systems Of Navigation And Motion Control (Msnmc). IEEE, 2018.

E. I. Evangelia, “Vulnerabilities Of The Modbus Protocol,” 2018.

C. Parian, T. Guldimann, And S. Bhatia, “Fooling The Master: Exploiting Weaknesses In The Modbus Protocol,” In Procedia Computer Science, Elsevier B.V., 2020, Pp. 2453–2458. DOI: 10.1016/J.Procs.2020.04.265.

B. Phillips, E. Gamess, And S. Krishnaprasad, “An Evaluation Of Machine Learning-Based Anomaly Detection In A Scada System Using The Modbus Protocol,” In Acmse 2020 - Proceedings Of The 2020 Acm Southeast Conference, Association For Computing Machinery, Inc, Apr. 2020, Pp. 188–196. DOI: 10.1145/3374135.3385282.

N. Firuza Ilxomovna, “Iqro Jurnali / 2023 Increasing The Effectiveness Of Education And The Role Of Interactive Medodes In Teaching The Subject Of Batanics,” Vol. 2, No. 1, [Online]. Available: Https://Wordlyknowledge.Uz/

E. Ukwandu Et Al., “A Review Of Cyber-Ranges And Test-Beds: Current And Future Trends,” Sensors (Switzerland), Vol. 20, No. 24. Mdpi Ag, Pp. 1–36, Dec. 02, 2020. DOI: 10.3390/S20247148.

N. R. Riyadi, “Pengujian Usability Untuk Meningkatkan Antarmuka Aplikasi Mobile Myumm Students,” Jurnal Sistemasi, Vol. 8, Pp. 226–232, 2019.

U. Beda Dua Rata-Rata Berpasangan And D. Oleh Mieke Nurmalasari, “Modul Statistik Inferens (Mik 411),” 2018.

Downloads

Submitted

22-11-2023

Accepted

30-04-2024

Published

28-05-2024

Issue

Section

Articles