IMPLEMENTATION OF THE SEMONT APPLICATION AS A SIGNATURE-BASED INTRUSION DETECTION AND PREVENTION SYSTEM ON THE SMAN 1 RANCAEKEK COMPUTER NETWORK
Keywords:
Semont; IDPS; Signature; Siber; InjectionAbstract
SMAN 1 Rancaekek is highly dependent on web applications that are vulnerable to injection attacks (SQL Injection, XSS, RCE, LFI), web defacement, and brute force, exacerbated by the absence of real-time monitoring, which has led to serious security incidents. This study aims to design and implement the Semont (Sentinel Monitoring) application as a signature-based Intrusion Detection and Prevention System (IDPS) to detect and prevent such cyber attacks, monitor network traffic on Port 80 (HTTP) and Port 443 (HTTPS), and generate comprehensive reports. The research method involved network system analysis and Semont design. The main contribution of this research is the development of a lightweight, efficient, and intuitive IDPS solution capable of protecting sensitive data and website visual integrity with minimal overhead. The analysis results show that Semont successfully detected and blocked 100% of simulated attacks, significantly changing the security posture of the SMAN 1 Rancaekek website from vulnerable to secure, supported by detailed logging and real-time notifications to Telegram. In conclusion, Semont proved to be highly effective in detecting and preventing common cyber attacks, meeting the need for proactive defense in educational environments, although the signature-based method is limited to zero-day attacks, which can be improved through the integration of anomaly detection in the future.
Downloads
References
Al Rubaiei, M., Al Yarubi, T., Al Saadi, M., & Kumar, B. (2020). SQLIA detection and prevention techniques. Proceedings of the 2020 9th International Conference on System Modeling and Advancement in Research Trends, SMART 2020, December 2023, 115–121. https://doi.org/10.1109/SMART50582.2020.9336795
Azeez, N. A., Bada, T. M., Misra, S., Adewumi, A., Van der Vyver, C., & Ahuja, R. (2020). Intrusion Detection and Prevention Systems: An Updated Review. Advances in Intelligent Systems and Computing, 1042(January), 685–696. https://doi.org/10.1007/978-981-32-9949-8_48
Elan Maulani, I., & Faisal umam, A. (2023). Evaluasi Efektivitas Sistem Deteksi Intrusi Dalam Menjamin Keamanan Jaringan. Jurnal Sosial Teknologi, 3(8), 662–667. https://doi.org/10.59188/jurnalsostech.v3i8.907
George, A. S., & George, A. S. H. (2021). A Brief Study on The Evolution of Next Generation Firewall and Web Application Firewall This work is licensed under a Creative Commons Attribution 4.0 International License A Brief Study on The Evolution of Next Generation Firewall and Web Application Fir. International Journal of Advanced Research in Computer and Communication Engineering, 10(5), 31–37. https://doi.org/10.17148/IJARCCE.2021.10504
Habibah, A. N. (2024). Keamanan informasi dalam konteks teknologi komunikasi modern. 2(6), 965–971.
Hadad, A. Al. (2025). Kerentanan IDOR: Kerentanan yang Unik dalam Aplikasi Web. CSIRT NUSA MANDIRI.
Id-SIRTII /CC. (2023). Lanskap Keamanan Siber Indonesia. Id-SIRTII /CC, 70, 1–107.
Irawan, A. S., Sakti Pramukantoro, E., & Kusyanti, A. (2018). Pengembangan Intrusion Detection System Terhadap SQL Injection Menggunakan Metode Learning Vector Quantization. Jurnal Pengembangan Teknologi Informasi Dan Ilmu Komputer, 2(6), 2295–2301.
Journal, I., Science, C., & Volume-, E. (2021). Ethical Hacking and Penetrate Testing using Kali and Metasploit Framework Mujahid Tabassum Saju Mohanan Department of IT , University of Technology and Department of IT , University of Technology and Applied Sciences Applied Sciences Muscat , Oman Tripti . 1, 9–22.
Kurniawan, A., Darus, M. Y., Ariffin, M. A. M., Muliono, Y., & Pardomuan, C. R. (2023). Automation of Quantifying Security Risk Level on Injection Attacks Based on Common Vulnerability Scoring System Metric. Pertanika Journal of Science and Technology, 31(3), 1245–1265. https://doi.org/10.47836/pjst.31.3.07
Mahdi Maulana Lubis, M., Handoko, D., & Wulan, N. (2022). Analisis Implementasi Laravel 9 Pada Website E-Book Dalam Mengatasi N+1 Problem Serta Penyerangan Csrf dan Xss. Januari, 2023(2), 173–187.
Nugraha, L. A., Kautsar, I. A., & Fitrani, A. S. (2024). SQL Injection: Analisis Efektivitas Uji Penetrasi dalam Aplikasi Web. Smatika Jurnal, 14(01), 111–123. https://doi.org/10.32664/smatika.v14i01.1224
Remesh Babu, K. R., Saritha, S., Preetha, K. G., Sangeetha, U., & Izudheen, S. (2023). An Intelligent Pattern Matching approach with Deep Hypersphere Model for Secure Big Data Storage in Cloud Environment. International Journal of Computer Information Systems and Industrial Management Applications, 15(2023), 166–175.
Sándor R. Répás, S. A. H. (2024). Anomaly Detection in Log Files Based on Machine Learning Techniques. Journal of Electrical Systems, 20(3s), 1299–1311. https://doi.org/10.52783/jes.1505
Saputra, I. P., Utami, E., & Muhammad, A. H. (2022). Comparison of Anomaly Based and Signature Based Methods in Detection of Scanning Vulnerability. International Conference on Electrical Engineering, Computer Science and Informatics (EECSI), 2022-Octob(October), 221–225. https://doi.org/10.23919/EECSI56542.2022.9946485
Somé, D. F. (n.d.). MatriXSSed : a New Taxonomy for XSS in the Modern Web. 4662–4672. https://doi.org/10.1145/3696410.3714774
Widodo, T., & Aji, A. S. (2022). Pemanfaatan Network Forensic Investigation Framework untuk Mengidentifikasi Serangan Jaringan Melalui Intrusion Detection System (IDS). JISKA (Jurnal Informatika Sunan Kalijaga), 7(1), 46–55. https://doi.org/10.14421/jiska.2022.7.1.46-55
Widyarto, E. Y., & Hapsari, D. K. (2022). Analisis Modus Operandi Tindak Kejahatan Menggunakan Teknik Komunikasi Love Scam Sebagai Ancaman pada Keamanan Sistem Informasi. Syntax Idea, 4(9), 1352. https://doi.org/10.36418/syntax-idea.v4i9.1959
Downloads
Published
How to Cite
Issue
Section
License
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.
