Clustering K-Means Using SNORT Application For Denial Of Service Attacks

Authors

  • Rifki Indra Perwira, Universitas Pembangunan Nasional Veteran Yogyakarta
  • Bagus Muhammad Akbar, Universitas Pembangunan Nasional Veteran Yogyakarta
  • Hari Prapcoyo, Universitas Pembangunan Nasional Veteran Yogyakarta

DOI:

https://doi.org/10.31098/ess.v1i1.107

Keywords:

Clustering, K-Means, Snort, DOS

Abstract

Data quality and transparency are of the utmost importance for organizations. Collecting original data from the source without any indication of interruption or interception is an indicator of an attack on the server. The most common attack is Denial of Service (DoS), a type of attack that causes a host on the network to crash, shut down, reboot, or stop responding to service requests. One technique for dealing with this attack is to use the k-means clustering method with Snort. This study aims to design a Snort Intrusion Detection System (IDS) application with a k-means algorithm that can categorize attacks into high, medium, and low attacks and is accurate on DoS attacks. Snort accuracy testing measures the packet size detected by Snort while an attack application is run; the number of packets caught can then be categorized using clustering techniques. From the measurement results, the increase was 73.18%. The contribution of this research is a survey and analysis of anomalous packets contained in a network. It can identify the level of each type of attack and take preventive measures against these attacks.

Published

2020-10-27

Section

Articles