Clustering K-Means Using SNORT Application For Denial Of Service Attacks

Rifki Indra Perwira, Bagus Muhammad Akbar, Hari Prapcoyo

Abstract


Data quality and transparency are of the utmost importance for organizations. Collecting original data from the source without any indication of interruption or interception is an indicator of an attack on the server. The most common attack is Denial of Service (DoS), a type of pattern that causes a host on the network to crash, shut down, reboot, or stop responding to service requests. One technique for dealing with this attack is to use the k-means clustering method with Snort. This study aims to design a Snort Intrusion Detection System (IDS) application with a k-means algorithm that can categorize attacks into high, medium, and low attacks and is accurate on DoS attacks. Snort accuracy testing measures the packet size detected by Snort using an attack application; the number of packets caught can then be categorized using clustering techniques. From the measurement results, the increase was 73.18%. The contribution of this research is a survey and analysis of anomalous packets contained in a network. It can identify the level of types of attacks and take preventive measures against these attacks.


Keywords


Clustering, K-Means, Snort, DOS
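
The categorization step the abstract describes, as an added example that is not code from the paper: alerts are counted per source address and the counts are grouped by k-means into low, medium, and high. The single feature (alert count per source), the alert line layout, the addresses, and the centroid seeding are all assumptions made for illustration.

```python
import re
from collections import Counter

# Constructed sample: source IP -> number of alerts, expanded into alert_fast-style lines.
SAMPLE = {"192.0.2.10": 950, "192.0.2.11": 1020, "192.0.2.20": 310,
          "192.0.2.21": 280, "192.0.2.30": 12, "192.0.2.31": 25, "192.0.2.32": 8}
LINE = ("08/14-10:15:01.000000  [**] [1:1000001:1] Constructed DoS alert [**] "
        "[Priority: 2] {{TCP}} {src}:40000 -> 198.51.100.5:80")
ALERTS = [LINE.format(src=ip) for ip, n in SAMPLE.items() for _ in range(n)]

# Assumed layout: "{PROTO} src[:port] -> dst[:port]" at the end of each alert line.
SRC_RE = re.compile(r"\{\w+\}\s+(\d+\.\d+\.\d+\.\d+)(?::\d+)?\s+->")

def count_by_source(lines):
    """Count alerts per source address; lines that do not match are skipped."""
    return Counter(m.group(1) for m in map(SRC_RE.search, lines) if m)

def kmeans_1d(values, k=3, max_iter=100):
    """Plain Lloyd's k-means on scalars; returns the centroids in ascending order."""
    vals = sorted(values)
    # Deterministic seeding: spread the initial centroids across the sorted data.
    cents = [float(vals[i * (len(vals) - 1) // (k - 1)]) for i in range(k)]
    for _ in range(max_iter):
        groups = [[] for _ in range(k)]
        for v in vals:
            groups[min(range(k), key=lambda j: abs(v - cents[j]))].append(v)
        # An empty cluster keeps its previous centroid.
        new = [sum(g) / len(g) if g else c for g, c in zip(groups, cents)]
        if new == cents:
            break
        cents = new
    return sorted(cents)

def categorize(counts, labels=("low", "medium", "high")):
    """Label each source by its nearest centroid, with centroids ranked by size."""
    cents = kmeans_1d(list(counts.values()), k=len(labels))
    return {src: labels[min(range(len(cents)), key=lambda j: abs(n - cents[j]))]
            for src, n in counts.items()}

if __name__ == "__main__":
    for src, level in sorted(categorize(count_by_source(ALERTS)).items()):
        print(src, level)
```

The labels come from centroid rank, so "high" only means high relative to the other sources in the same capture.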


DOI: https://doi.org/10.31098/ess.v1i1.107


Copyright (c) 2020 Rifki Indra Perwira, Bagus Muhammad Akbar, Hari Prapcoyo

Creative Commons License
This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.

PUBLISHED BY:

LPPM UPN “Veteran” Yogyakarta, RSF PRESS & RESEARCH SYNERGY FOUNDATION

Proceeding of LPPM UPN “Veteran” Yogyakarta Conference Series 2020 – Engineering and Science (ESS). 
