Analisis Efektivitas Keamanan Jaringan Layer 2: Port Security, VLAN Hopping, DHCP Snooping
Article Sidebar
📅
Published:
Sep 30, 2024
Main Article Content
Abstract
Article Summary
In the industrial era 4.0, which is marked by the rapid progress of computer networks and the internet, network security at Layer 2 is part of the Data Link Layer in the OSI model, which is very important considering the increasing number of cyber threats. This research aims to compare the effectiveness of various security algorithms applied to Layer 2 switches, namely MAC Address Filtering with Port Security, VLAN Hopping Mitigation, and DHCP Snooping. Some of these methods have the function or purpose of creating MAC address filtering, port limitations, VLAN protection, ARP, etc. The device used to conduct this research is a Cisco Switch. This research uses an experimental approach by implementing each method in different network scenarios and comparing it with external data, measuring effectiveness based on attack detection and prevention, as well as its impact on network performance, then combining several of these methods into one scope. The results show that each method has its own advantages and disadvantages, which function to block various types of attacks such as Flooding, Snooping, and Rogue DHCP. It is highly recommended to combine all security methods into one integrated system.
Keywords
Article Keywords
Downloads
Download data is not yet available.
Article Details
How to Cite
Nurfaishal, M. D., & Akbar, Y. (2024). Analisis Efektivitas Keamanan Jaringan Layer 2: Port Security, VLAN Hopping, DHCP Snooping. Jurnal Indonesia : Manajemen Informatika Dan Komunikasi, 5(3), 3278-3290. https://doi.org/10.35870/jimik.v5i3.975
Section
Articles
This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.
Authors who publish with this journal agree to the following terms:
- Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License (CC-BY 4.0) that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.
- Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
- Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work.
License: All articles are licensed under 
References
Adjei, H. A., Shunhua, M. T., Agordzo, G. K., Li, Y., Peprah, G., & Gyarteng, E. S. (2021, February). SSL stripping technique (DHCP snooping and ARP spoofing inspection). In 2021 23rd International Conference on Advanced Communication Technology (ICACT) (pp. 187-193). IEEE. https://doi.org/10.23919/ICACT51234.2021.9370460.
Akashi, S., & Tong, Y. (2019). Classification of DHCP spoofing and effectiveness of DHCP snooping. In Proceedings on 2018 International Conference on Advances in Computer Technology, Information Science and Communication, edited by Wen-Bing Horng and Yong Yue (pp. 233-238).
Al Fikri, K., & Djuniadi, D. (2021). Keamanan Jaringan Menggunakan Switch Port Security. InfoTekJar: Jurnal Nasional Informatika dan Teknologi Jaringan, 5(2), 302-307. https://doi.org/10.30743/infotekjar.v5i2.3501
Alsaadi, R. R., & Abdul-Zahra, D. S. Security DHCP Server on Lan Network. Turkish Journal of Physiotherapy and Rehabilitation, 32(3). 5121–5132.
Anggreni, N. K. A. S., & Jasa, L. (2022). Literatur Review Analisis metode De-Militarized Zone (DMZ) dan Switch Port Security Sebagai Metode Keamanan Jaringan. Majalah Ilmiah Teknologi Elektro, 21(2), 195.
Hayaty, N. (2020). Buku Ajar: Sistem Keamanan. Jakarta: Universitas Maritim.
Iskandar, D., Farisyihab, J. R., Bahari, M. H. T., Nurfaishal, M. D., & Khairullah, M. D. (2024). Application of The SD-WAN Load Balancing Method in Managing Internet Bandwidth at IDN Bogor Vocational School. International Journal Software Engineering and Computer Science (IJSECS), 4(1), 24-39. https://doi.org/10.35870/ijsecs.v4i1.2100.
Mahmood, S., Mohsin, S. M., & Akber, S. M. A. (2020, January). Network security issues of data link layer: An overview. In 2020 3rd international conference on computing, mathematics and engineering technologies (iCoMET) (pp. 1-6). IEEE. https://doi.org/10.1109/iCoMET48670.2020.9073825
Medianto, M. (2020). Analisis Keamanan Jaringan Local Area Network yang Menggunakan DHCP Server Berbasis Cisco dengan metode Penetration Testing. Journal of Information System and Technology (JOINT), 1(1), 100-124. https://doi.org/10.37253/joint.v1i1.1386.
Mughal, A. A. (2020). Cyber Attacks on OSI Layers: Understanding the Threat Landscape. Journal of Humanities and Applied Science Research, 3(1), 1-18. https://orcid.org/0009-0006-8460-8006.
Nasser, H. I., & Hussain, M. A. (2022). Provably curb man-in-the-middle attack-based ARP spoofing in a local network. Bulletin of Electrical Engineering and Informatics, 11(4), 2280-2291. https://doi.org/10.11591/eei.v11i4.3810.
Pradana, D. A., & Budiman, A. S. (2021). The dhcp snooping and dhcp alert method in securing dhcp server from dhcp rogue attack. IJID (International Journal on Informatics for Development), 10(1), 38-46. https://doi.org/10.14421/ijid.2021.2287
Purnomo, A. (2024). Implementation of DHCP Snooping Method to Improve Security on Computer Networks. bit-Tech, 6(3). https://doi.org/10.32877/bt.v6i3.1174
Quitiqut, T., & Bhuse, V. (2022, March). Utilizing Switch Port Link State to Detect Rogue Switches. In International Conference on Cyber Warfare and Security (Vol. 17, No. 1, pp. 272-278).
Sandi, T. A. A., Firmansyah, F., Dewi, S., Pratama, E. K., & Astuti, R. D. (2022). Comparison of Port Security Switch Layer 2 MAC Address Dynamic With MAC Address Static Sticky. Inspiration: Jurnal Teknologi Informasi dan Komunikasi, 12(2), 65-75. https://doi.org/10.35585/inspir.v12i2.8.
Saputra, B. R. (2022). Simulasi Keamanan Jaringan Dengan Metode DHCP Snooping Dan VLAN Mengggunakan CISCO. JATISI (Jurnal Teknik Informatika dan Sistem Informasi), 9(4), 3481-3488. https://doi.org/10.35957/jatisi.v9i4.2730.
Saputra, W., & Fajar Suryawan, S. T. (2017). Implementasi VLAN dan Spanning Tree Protocol Menggunakan GNS 3 dan Pengujian Sistem Keamanannya (Doctoral dissertation, Universitas Muhammadiyah Surakarta). https://eprints.ums.ac.id/id/eprint/56316.
Satria, A., & Ramadhani, F. (2023). Analisis Keamanan Jaringan Komputer dengan Menggunakan Switch Port Security di Cisco Packet Tracer. sudo Jurnal Teknik Informatika, 2(2), 52-60.
Setiawan, Y. B., Nawawi, I., & Pravitasari, D. (2022). Desain Infrastruktrur Jaringan Inter-Vlan dengan Keamanan Port Security dan Secure Shell Berbasis Protocol Open Short Path First. ULIL ALBAB: Jurnal Ilmiah Multidisiplin, 2(1), 250-258.
Sukaridhoto, S., & ST Ph, D. (2014). Buku Jaringan Komputer I. Surabaya: Politeknik Elektronika Negeri Surabaya.
Sulaiman, O. K. (2016). Analisis Sistem Keamanan Jaringan Dengan Menggunakan Switch Port Security. CESS (Journal Of Computer Engineering, System And Science), 1(1), 9-14.
Sutiman, S., & Gunawan, A. (2021). Firewall port security switch untuk keamanan jaringan komputer menggunakan cisco router 1600s pada pt. tirta kencana tata warna sukabumi. CONTEN: Computer and Network Technology, 1(1), 13-22. https://doi.org/10.31294/conten.v1i1.402
Tripathi, N., & Hubballi, N. (2018). Detecting stealth DHCP starvation attack using machine learning approach. Journal of Computer Virology and Hacking Techniques, 14, 233-244. https://doi.org/10.1007/s11416-017-0310-x.
Wibowo, A. (2022). Sistem jaringan komputer. Yayasan Prima Agus Teknik.
Zara, S. S., Elhanafi, A. M., & Handoko, D. (2020). Pemodelan jaringan WAN dengan teknologi frame relay dengan memanfaatkan switch port security sebagai sistem keamanan jaringan. SNASTIKOM, 1(2).
Akashi, S., & Tong, Y. (2019). Classification of DHCP spoofing and effectiveness of DHCP snooping. In Proceedings on 2018 International Conference on Advances in Computer Technology, Information Science and Communication, edited by Wen-Bing Horng and Yong Yue (pp. 233-238).
Al Fikri, K., & Djuniadi, D. (2021). Keamanan Jaringan Menggunakan Switch Port Security. InfoTekJar: Jurnal Nasional Informatika dan Teknologi Jaringan, 5(2), 302-307. https://doi.org/10.30743/infotekjar.v5i2.3501
Alsaadi, R. R., & Abdul-Zahra, D. S. Security DHCP Server on Lan Network. Turkish Journal of Physiotherapy and Rehabilitation, 32(3). 5121–5132.
Anggreni, N. K. A. S., & Jasa, L. (2022). Literatur Review Analisis metode De-Militarized Zone (DMZ) dan Switch Port Security Sebagai Metode Keamanan Jaringan. Majalah Ilmiah Teknologi Elektro, 21(2), 195.
Hayaty, N. (2020). Buku Ajar: Sistem Keamanan. Jakarta: Universitas Maritim.
Iskandar, D., Farisyihab, J. R., Bahari, M. H. T., Nurfaishal, M. D., & Khairullah, M. D. (2024). Application of The SD-WAN Load Balancing Method in Managing Internet Bandwidth at IDN Bogor Vocational School. International Journal Software Engineering and Computer Science (IJSECS), 4(1), 24-39. https://doi.org/10.35870/ijsecs.v4i1.2100.
Mahmood, S., Mohsin, S. M., & Akber, S. M. A. (2020, January). Network security issues of data link layer: An overview. In 2020 3rd international conference on computing, mathematics and engineering technologies (iCoMET) (pp. 1-6). IEEE. https://doi.org/10.1109/iCoMET48670.2020.9073825
Medianto, M. (2020). Analisis Keamanan Jaringan Local Area Network yang Menggunakan DHCP Server Berbasis Cisco dengan metode Penetration Testing. Journal of Information System and Technology (JOINT), 1(1), 100-124. https://doi.org/10.37253/joint.v1i1.1386.
Mughal, A. A. (2020). Cyber Attacks on OSI Layers: Understanding the Threat Landscape. Journal of Humanities and Applied Science Research, 3(1), 1-18. https://orcid.org/0009-0006-8460-8006.
Nasser, H. I., & Hussain, M. A. (2022). Provably curb man-in-the-middle attack-based ARP spoofing in a local network. Bulletin of Electrical Engineering and Informatics, 11(4), 2280-2291. https://doi.org/10.11591/eei.v11i4.3810.
Pradana, D. A., & Budiman, A. S. (2021). The dhcp snooping and dhcp alert method in securing dhcp server from dhcp rogue attack. IJID (International Journal on Informatics for Development), 10(1), 38-46. https://doi.org/10.14421/ijid.2021.2287
Purnomo, A. (2024). Implementation of DHCP Snooping Method to Improve Security on Computer Networks. bit-Tech, 6(3). https://doi.org/10.32877/bt.v6i3.1174
Quitiqut, T., & Bhuse, V. (2022, March). Utilizing Switch Port Link State to Detect Rogue Switches. In International Conference on Cyber Warfare and Security (Vol. 17, No. 1, pp. 272-278).
Sandi, T. A. A., Firmansyah, F., Dewi, S., Pratama, E. K., & Astuti, R. D. (2022). Comparison of Port Security Switch Layer 2 MAC Address Dynamic With MAC Address Static Sticky. Inspiration: Jurnal Teknologi Informasi dan Komunikasi, 12(2), 65-75. https://doi.org/10.35585/inspir.v12i2.8.
Saputra, B. R. (2022). Simulasi Keamanan Jaringan Dengan Metode DHCP Snooping Dan VLAN Mengggunakan CISCO. JATISI (Jurnal Teknik Informatika dan Sistem Informasi), 9(4), 3481-3488. https://doi.org/10.35957/jatisi.v9i4.2730.
Saputra, W., & Fajar Suryawan, S. T. (2017). Implementasi VLAN dan Spanning Tree Protocol Menggunakan GNS 3 dan Pengujian Sistem Keamanannya (Doctoral dissertation, Universitas Muhammadiyah Surakarta). https://eprints.ums.ac.id/id/eprint/56316.
Satria, A., & Ramadhani, F. (2023). Analisis Keamanan Jaringan Komputer dengan Menggunakan Switch Port Security di Cisco Packet Tracer. sudo Jurnal Teknik Informatika, 2(2), 52-60.
Setiawan, Y. B., Nawawi, I., & Pravitasari, D. (2022). Desain Infrastruktrur Jaringan Inter-Vlan dengan Keamanan Port Security dan Secure Shell Berbasis Protocol Open Short Path First. ULIL ALBAB: Jurnal Ilmiah Multidisiplin, 2(1), 250-258.
Sukaridhoto, S., & ST Ph, D. (2014). Buku Jaringan Komputer I. Surabaya: Politeknik Elektronika Negeri Surabaya.
Sulaiman, O. K. (2016). Analisis Sistem Keamanan Jaringan Dengan Menggunakan Switch Port Security. CESS (Journal Of Computer Engineering, System And Science), 1(1), 9-14.
Sutiman, S., & Gunawan, A. (2021). Firewall port security switch untuk keamanan jaringan komputer menggunakan cisco router 1600s pada pt. tirta kencana tata warna sukabumi. CONTEN: Computer and Network Technology, 1(1), 13-22. https://doi.org/10.31294/conten.v1i1.402
Tripathi, N., & Hubballi, N. (2018). Detecting stealth DHCP starvation attack using machine learning approach. Journal of Computer Virology and Hacking Techniques, 14, 233-244. https://doi.org/10.1007/s11416-017-0310-x.
Wibowo, A. (2022). Sistem jaringan komputer. Yayasan Prima Agus Teknik.
Zara, S. S., Elhanafi, A. M., & Handoko, D. (2020). Pemodelan jaringan WAN dengan teknologi frame relay dengan memanfaatkan switch port security sebagai sistem keamanan jaringan. SNASTIKOM, 1(2).