<![CDATA[Network security is an important factor in securing data on a server, so a server needs to be kept safe from things that could threaten the validity and integrity of stored data. One way that can be used to detect threats on a server is implementing an Intrusion detection system on the server. A literature study conducted on research that implemented intrusion detection systems, found that there was a lack of intrusion detection system research that could detect one type of network security attack with a variety of attack variables and it was also found in research that had successfully implemented an intrusion detection system to detect network security attacks but still incorrectly identifying the type of attack. This research uses the Snort intrusion detection system method with an experimental model of an attack detection system and an Android application which is applied to monitor the statistics of attacks detected on the Xyz University network. The research results showed that the rules created on the IDS can detect network security attacks, especially DoS/DDoS and PortScan attacks. Then an IDS was created that can send application alert notifications and SMS with a response time that is quite responsive based on the NIST Cybersecurity reference with an average of 22 seconds for DoS/DDoS attacks and 21 seconds for Port Scanning attacks. For the percentage results from 3 times testing the rule by sending DoS/DDoS attack packets of 309,462 to 1,459,548, getting a high level of accuracy with an average of 92.1% on first test, 91.7% on the second test and 91.5% on the third test. In the results of testing the PortScan rule by sending 1,001 to 10,564 attack packets, a high level of accuracy was obtained with an average result of 92.2% in the first test, 94.2% in the second test and 93.4% in the third test.]]>
