Performance Evaluation of A Snort-Based Intrusion Detection System in A Hospital Network

Authors

  • Sabrina Nur Saraswati Universitas PGRI Adi Buana Surabaya
  • Muhammad Abdul Jumali Universitas PGRI Adi Buana Surabaya

DOI:

https://doi.org/10.33506/mt.v12i1.5110

Keywords:

Hospital Network, Intrusion Detection System, Network Security, Performance Evaluation, Snort

Abstract

Network security in hospital environments represents a critical challenge due to high traffic volumes and the sensitivity of medical data. This study aims to evaluate the performance of a Snort-based Intrusion Detection System (IDS) in detecting network attacks within the Mitra Keluarga Hospital infrastructure. The evaluation was conducted using an experimental approach by deploying Snort on a monitored server segment and performing simulated attacks, including port scanning, SSH brute force, ICMP flooding, and SQL injection. System performance was assessed based on detection response time, detection rate, and alert consistency. The results demonstrate that the IDS successfully detected all tested attack scenarios, achieving response times ranging from 0.4 to 1 second and a detection rate of 100% under the experimental conditions. However, potential false positives were identified in internal ICMP traffic, indicating the need for threshold parameter adjustment. These findings indicate that a Snort-based IDS is effective as an early attack detection mechanism for hospital networks and can be further enhanced through integration with centralized monitoring systems to support informed network security decision-making.
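The threshold adjustment mentioned for internal ICMP traffic can be illustrated with the following added example, which is not code or data from the study. It is a simplified per-source sliding-window model, not Snort's own implementation, and the addresses, packet rates and threshold values are constructed assumptions.

```python
from collections import defaultdict, deque

def rate_alerts(packets, count, window_ms):
    """Count alerts per source for a per-source rate threshold.

    packets: (timestamp_ms, src_ip) tuples sorted by time. A packet alerts
    when more than `count` packets from its source, itself included, fall
    inside the trailing `window_ms` window.
    """
    windows = defaultdict(deque)
    alerts = defaultdict(int)
    for ts, src in packets:
        win = windows[src]
        win.append(ts)
        while ts - win[0] >= window_ms:   # drop packets older than the window
            win.popleft()
        if len(win) > count:
            alerts[src] += 1
    return dict(alerts)

def sample_traffic():
    """Constructed ICMP echo-request trace (not data from the study)."""
    packets = []
    # Internal monitoring host: 20 pings in a 190 ms burst, once a minute.
    for cycle in range(3):
        for i in range(20):
            packets.append((cycle * 60_000 + i * 10, "10.0.0.5"))
    # Flood source: one packet every 2 ms (500 packets/s) for two seconds.
    for i in range(1000):
        packets.append((30_000 + i * 2, "10.0.0.99"))
    return sorted(packets)

if __name__ == "__main__":
    trace = sample_traffic()
    for count in (10, 100):
        print(count, rate_alerts(trace, count, 1000))
```

With the low threshold the monitoring host's routine bursts alert alongside the flood; with the higher one only the flood source does. In a Snort rule the equivalent setting is the count and seconds pair of the `detection_filter` option.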

Published

31-03-2026

How to Cite

Saraswati, S. N., & Jumali, M. A. (2026). Performance Evaluation of A Snort-Based Intrusion Detection System in A Hospital Network. Metode : Jurnal Teknik Industri, 12(1), 122–131. https://doi.org/10.33506/mt.v12i1.5110
