This study is motivated by the increasing network security threats accompanying the growth of digital-based services in government institutions. One of the most common threats is the Distributed Denial of Service (DDoS) attack, which can cause network performance degradation and service disruption. This research aims to analyze the effectiveness of implementing a MikroTik firewall in mitigating DDoS attacks on the network of the Diskominfo Kota Kediri using the Network Development Life Cycle (NDLC) method. The research stages consisted of analysis, design, simulation, implementation, monitoring, and management. The testing process was conducted by simulating SYN Flood attacks using the Hping3 application. The evaluated parameters included throughput, delay, packet loss, and CPU utilization on the router. The experimental results showed that under DDoS attack conditions without firewall protection, throughput increased to approximately 40 Mbps, delay reached 5–15 ms, packet loss ranged from approximately 20–30%, and CPU utilization increased to 99–100%. After the firewall was implemented, network performance improved significantly, with throughput decreasing to approximately 2 Mbps, delay stabilizing below 1 ms, packet loss reduced to 0%, and CPU utilization decreasing to approximately 3%. These findings indicate that the MikroTik firewall is effective in filtering abnormal traffic and reducing system load, thereby improving network stability and maintaining service quality based on Quality of Service (QoS) parameters.

DDoS; NDLC; network security; mikrotik firewall; SYN flood

BPK RI, “Peraturan Presiden Nomor 95 Tahun 2018 tentang Sistem Pemerintahan berbasis Elektronik,” 2018.

B. S. dan S. Negara, “Strategi Keamanan Siber Nasional dan Peran BSSN,” Badan Siber dan Sandi Negara, 2021.

L. Chen and others, “Mitigating DDoS Attacks in Cloud Environments: A Review and Future Directions,” Futur. Gener. Comput. Syst., Vol. 140, pp. 45–60, 2023, DOI: 10.1016/j.future.2023.03.017.

Y. Zhang and others, “A Survey on DDoS Attack Detection in SDN-based Networks,” Comput. Networks, Vol. 223, p. 109567, 2023.

F. Prasetyo, A. Hamzah, W. Agel, and R. O. F. Kusuma, “Impelementasi Sistem Keamanan Jaringan Mikrotik menggunakan Firewall Filtering dan Port Knocking,” J. Sistim Inf. dan Teknol., Vol. 5, No. 4, pp. 82–87, 2023, DOI: 10.60083/jsisfotek.v5i4.329.

E. Eben, M. Mukramin, and H. Abduh, “Pengembangan Manajemen Keamanan Jaringan Nirkabel (Wifi) menggunakan Routerboard Mikrotik dan Firewall pada SMK Kristen Palopo,” J. Inform. dan Tek. Elektro Terap., Vol. 12, No. 3, 2024, DOI: 10.23960/jitet.v12i3.4716.

A. C. Dachi and H. Noprisson, “Model Implementasi Firewall MikroTik dalam Pengelolaan Trafik dan Keamanan Jaringan,” JSAI J. SCI. Appl. Informatics, Vol. 8, No. 3, pp. 788–793, 2025, DOI: 10.36085/jsai.v8i3.7878.

W. W. Purba and R. Efendi, “Perancangan dan Analisis Sistem Keamanan Jaringan Komputer menggunakan SNORT,” Aiti, Vol. 17, No. 2, pp. 143–158, 2021, DOI: 10.24246/aiti.v17i2.143-158.

M. N. Rokhman and et al., “Implementasi Firewall Filter Rule dan RAW sebagai Metode Pengamanan Jaringan pada Perpustakaan XYZ,” J. Elektrosista, Vol. 11, No. 1, pp. 58–75, 2023, DOI: 10.63824/jtep.v11i1.142.

F. I. Wijaya, M. Innuddin, and K. A. Latif, “Analisa Penerapan Fitur Firewall pada Mikrotik untuk mengamankan dari Serangan Denial of Service (DoS),” Panthera J. Ilm. Pendidik. Sains dan Terap., Vol. 5, No. 3, pp. 570–592, 2025, DOI: 10.36312/panthera.v5i3.546.

D. Firmansyah and H. Hidayat, “Analisis Performa Jaringan setelah Implementasi Firewall pada Router Mikrotik,” J. Teknol. dan Sist. Komput., Vol. 11, No. 1, pp. 34–41, 2024.

A. N. Hairun, “Penerapan Firewall di Router OS Mikrotik untuk mengantisipasi Serangan DoS,” J. Jar. dan Inform., 2023.

R. Sulaiman, A. M. Raya, L. Laurentinus, and P. Padli, “Pemanfaatan Mikrotik RB942-2ND menggunakan Metode Firewall Filtering untuk Keamanan Jaringan dengan Model Forensikk,” J. Teknol., Vol. 17, No. 1, pp. 65–71, 2024, DOI: 10.34151/jurtek.v17i1.4725.

T. Rahman and R. C. Wardoyo, “Pengembangan Firewall Mikrotik dalam Blocking Akses untuk meningkatkan Keamanan Jaringan Kantor Desa Cibalandong Subang,” J. Ilm. Sinus (JIS, Vol. 23, No. 1, p. 15, 2025, DOI: 10.30646/sinus.v23i1.853.

H. A. Al Kautsar and R. Sastra, “Implementasi Firewall Mikrotik dalam Pembatasan Akses Situs Terlarang di RT/RW Net,” Comput. SCI., Vol. 5, No. 2, pp. 123–132, Jul. 2025, DOI: 10.31294/coscience.v5i2.8897.

B. Cahya, F. Rizki, A. Sutiyo, Y. El Saputra, and M. Elfarizi, “Implementasi Firewall pada Mikrotik untuk Keamanan Jaringan,” J. JOCOTIS-Journal SCI. Inform. Robot. E, Vol. 1, No. 2, pp. 63–80, 2023, [Online]. Available: https://jurnal.ittc.web.id/index.php/jct/

S. Kenat, “Analisis Keamanan Jaringan menggunakan Mikrotik pada Lab Komputer STMIK Widuri,” Neptunus J. Ilmu Komput. dan Teknol. Inf., Vol. 2, No. 3, pp. 16–24, 2024, DOI: 10.61132/neptunus.v2i3.177.

A. K. Tahirou, K. Konate, and M. M. Soidridine, “Detection and Mitigation of DDoS Attacks in SDN using Machine Learning (ML),” Proc. - 2023 Int. Conf. Digit. Age Technol. Adv. Sustain. Dev. ICDATA 2023, Vol. 11, pp. 52–59, 2023, DOI: 10.1109/ICDATA58816.2023.00019.

M. A. Ferrag, L. Maglaras, S. Moschoyiannis, and H. Janicke, “Deep Learning for Cyber Security Intrusion Detection: Approaches, Datasets, and Comparative Study,” J. Inf. Secur. Appl., Vol. 50, No. 3, 2020, DOI: 10.1016/j.jisa.2019.102419.

S. K. Singh, “Machine Learning-based DDoS Detection Techniques,” IEEE Access, Vol. 8, 2020, DOI: 10.1109/ACCESS.2020.2988452.

H. T. Nguyen, T. V Phan, and N. H. Tran, “A Deep Learning Approach for DDoS Attack Detection in Software-Defined Networking,” Futur. Gener. Comput. Syst., Vol. 124, pp. 123–135, 2021, DOI: 10.1016/j.future.2021.05.003.

M. Al-Fares and et al., “A Survey of QoS in Network Performance Evaluation,” IEEE Commun. Surv. Tutorials, 2020, DOI: 10.1109/COMST.2020.2974748.

S. Troia and et al., “Performance Characterization and Profiling of Chained CPU-based Virtual Network Functions,” Comput. Networks, Vol. 225, 2023, DOI: 10.1016/j.comnet.2023.109628.

R. Santosa, A. Haq, and M. Khanif, “Comparative Analysis of Resource Utilization on 2.4 GHz and 5.8 GHz Wireless LAN Network Frequencies (OpenWrt Firmware Case Study),” J. Telecommun. Electron. Control Eng., Vol. 6, No. 2, pp. 176–187, 2024, DOI: 10.20895/jtece.v6i2.1394.