OUTSIDER ATTACK DETECTION SYSTEM FOR SSH LATERAL MOVEMENT USING A RULE-BASED METHOD

KOSTIENE, ZINNIARETHIE ANDARI and Prasetyo, Aditya Putra Perdana and Afifah, Nurul (2025) SISTEM DETEKSI SERANGAN OUTSIDER PADA GERAKAN LATERAL SSH MENGGUNAKAN METODE RULE BASED [Outsider Attack Detection System for SSH Lateral Movement Using a Rule-Based Method]. Diploma thesis, Sriwijaya University.

Abstract

The advancement of computer network technology has brought significant benefits in data exchange and communication, but it also introduces cybersecurity risks, one of which is lateral movement. This type of attack occurs when an attacker gains initial access to a system and then moves laterally across the internal network to obtain more valuable information. This study aims to simulate and detect brute force attacks on the SSH service, which can be exploited in lateral movement scenarios. The simulation involves targeting a non-standard SSH port (port 2222) using a Python script and a wordlist to guess login credentials. The results show that an external attacker was able to gain access to the victim's system, and this activity was successfully detected using network analysis tools such as Wireshark, Snort, and NetworkMiner. These tools demonstrated effectiveness in identifying attack patterns through data packets, alert rules, and network artifacts. Additionally, mitigation measures such as changing the SSH port, disabling conventional login methods, and implementing SSH key-based authentication proved effective in preventing similar attacks during repeated testing. Therefore, a rule-based detection approach combined with proper security configurations can significantly enhance a system’s resilience against SSH-based lateral movement attacks.

Item Type: Thesis (Diploma)
Uncontrolled Keywords: Lateral Movement, SSH, Brute Force, Intrusion Detection System, Snort, Wireshark, NetworkMiner, Rule-Based Detection
Subjects: Z Bibliography. Library Science. Information Resources > ZA Information resources > ZA4150-4380 Computer network resources
Divisions: 09-Faculty of Computer Science > 56401-Computer Engineering (D3)
Depositing User: Zinniarethie Andari Kostiene
Date Deposited: 07 Jul 2025 04:13
Last Modified: 07 Jul 2025 04:13
URI: http://repository.unsri.ac.id/id/eprint/176978
