Analisis Algoritma Klasifikasi Biner Pada Serangan Siber Menggunakan Machine Learning

• FIRMAN YUSPRIYADI
• 14210223

---

ABSTRAK

ABSTRAK

Nama              : Firman Yuspriyadi

NIM                 : 14210223

Program Studi : Ilmu Komputer

Fakultas           : Teknologi Informasi

Jenjang            : Strata Dua (S2)

Konsentrasi      : Data Mining

Judul          : Analisis Algoritma Klasifikasi Biner Pada Serangan Siber Menggunakan Machine Learning

Penelitian ini bertujuan untuk melakukan analisis eksperimental terhadap teknik klasifikasi biner serangan siber menggunakan pendekatan Machine Learning. Dalam upaya untuk menanggulangi ancaman serangan siber yang terus berkembang, data serangan dari berbagai sumber dikumpulkan untuk melatih dan menguji berbagai model Machine Learning, termasuk algoritma seperti Multi Layer Perceptron (MLP), Logistic Regression (LR), Support Vector Machine (SVM), KNearest Neighbors (KNN), Naive Bayes (NB), Random Forest (RF). Fokus penelitian juga meliputi eksplorasi teknik ekstraksi fitur yang tepat dan metode prapemrosesan data untuk meningkatkan akurasi dan keandalan model. Hasil eksperimen menunjukkan bahwa metode LR dan KNN memberikan klasifikasi serangan siber yang andal dengan accuraccy score sebesar 0.997, recall 1, precission score 0.988, F1 score 0.994, log loss 0.371, ROC AUC 0.963, cohen kappa 0.955. Temuan ini memberikan kontribusi penting dalam pengembangan sistem deteksi serangan siber yang lebih efektif dalam konteks keamanan informasi dan jaringan.

KATA KUNCI

Serangan Siber,Klasifikasi Biner,Lachine Learning,Analisis Eksperimental,Keamanan Informasi

---

DAFTAR PUSTAKA

DAFTAR REFERENSI

[1] Badan Siber dan Sandi Negara, “Laporan Bulanan Publilk Hasil Monitoring Keamanan Siber Desember 2022,” 2022.

[2] and M. A. A. H. Ayd?n, Z. Orman, “A long short-term memory (LSTM)- based distributed denial of service (DDoS) detection and defense system design in public cloud network environment,” Comput. Secur., vol. 118, 2022.

[3] and H. L. I. D. Aiyanyo, H. Samuel, “A systematic Review of Defensive and Offensive Cybersecurity With Machine Learning,” Appl. Sci., vol. 10, 2020, doi: 10.3390/app10175811.

[4] A. Ullah, F.; Edwards, M.; Ramdhany, R.; Chitchyan, R.; Babar, M.A.; Rashid, “Data exfiltration: A review of external attack vectors and countermeasures,” J. Netw. Comput. Appl., vol. 101, pp. 18–54, 2017.

[5] Y. Malik, M.; Singh, “A Review: DoS and DDoS Attacks,” Int. J. Comput. Sci. Mob. Comput., vol. 4, pp. 260–265, 2015.

[6] W. Mahjabin, T.; Xiao, Y.; Sun, G.; Jiang, “A survey of distributed denialof-service attack, prevention, and mitigation techniques,” Int. J. Distrib. Sens. Networks, vol. 13, pp. 2–33, 2017.

[7] J. Kolias, C.; Kambourakis, G.; Stavrou, A.; Voas, “DDoS in the IoT: Mirai and Other Botnets,” Computer (Long. Beach. Calif)., vol. 50, pp. 80–84, 2017.

[8] T. Olzak, “Keystroke Logging (Keylogging).” https://www.researchgate.net/publication/228797653_Keystroke_logging_keylogging.

[9] J. K. Bhuyan, M.H.; Bhattacharyya, D.K.; Kalita, “Surveying Port Scans and Their Detection Methodologies,” Comput. J., vol. 54, pp. 1565–1581, 2011.

[10] V. Sivanathan, A.; Gharakheili, H.H.; Sivaraman, “Can We Classify an IoT Device using TCP Port Scan?,” ICIAfS, no. IEEE, 2018.

[11] E. A. I. Syaifuddin, Diah Risqiwati, Realtime Pencegahan Serangan Brute Force dan DDOS Pada Ubuntu Server, vol. 17, no. Techno.COM. 2018.

[12] M. N. A. Tohari Ahmad, “Data Preprocesing and Feature Selection for machine learning intrusioin detection system,” vol. 13, pp. 93–101, 2019.

[13] T. A. Farzad, A., & Gulliver, “Log message anomaly detection with fuzzy C-means and MLP. Applied Intelligence,” vol. 52(15), pp. 17708–17717, doi: https://doi.org/10.1007/s10489-022-03300-1.

[14] S. Chowdhary, A., & Kumar, “A survey of cyber attack detection and prevention techniques.,” Comput. Secur., vol. 128, 2021.

[15] M. Hosseinzadeh, M., Rahmani, A. M., Vo, B., Bidaki, M., Masdari, M., & Zangakani, “Improving security using SVM-based anomaly detection: issues and challenges,” Soft Comput., vol. 25, pp. 3195–3223, 2021, doi: https://doi.org/10.1007/s00500-020-05373-x.

[16] M. Mihoub, A.,Ben, F.O., Cheikhrouhou, O., Derhab, A., & Krichen, “Denial of service attack detection and mitigation for internet of things using looking-back-enabled machine learning techniques,” Comput. Electr. Eng., vol. 98, no. 107716, 2022.

[17] E. Goel and E. Abhilasha, “Random Forest: A Review,” Int. J. Adv. Res. 55Program Studi Ilmu Komputer (S2) Universitas Nusa Mandiri Comput. Sci. Softw. Eng., vol. 7, no 1, pp. 251–257, 2017.

[18] A. Churcher et al., “An experimental analysis of attack classification using machine learning in IoT networks,” Sensors (Switzerland), vol. 21, no. 2, pp. 1–32, 2021, doi: 10.3390/s21020446.

[19] I. H. Sarker, “CyberLearning: Effectiveness analysis of machine learning security modeling to detect cyber-anomalies and multi-attacks,” Internet of Things (Netherlands), vol. 14, p. 100393, 2021, doi: 10.1016/j.iot.2021.100393.

[20] Z. Alothman, M. Alkasassbeh, and S. Al-Haj Baddar, “An efficient approach to detect IoT botnet attacks using machine learning,” J. High Speed Networks, vol. 26, no. 3, pp. 241–254, 2020, doi: 10.3233/JHS-200641.

[21] N. Elmrabit, F. Zhou, F. Li, and H. Zhou, “Evaluation of Machine Learning Algorithms for Anomaly Detection,” Int. Conf. Cyber Secur. Prot. Digit. Serv. Cyber Secur. 2020, 2020, doi: 10.1109/CyberSecurity49315.2020.9138871.

[22] M. Nawir, A. Amir, O. B. Lynn, N. Yaakob, and R. Badlishah Ahmad, “Performances of Machine Learning Algorithms for Binary Classification of Network Anomaly Detection System,” J. Phys. Conf. Ser., vol. 1018, no. 1, 2018, doi: 10.1088/1742-6596/1018/1/012015.

[23] K. A. Tait et al., “Intrusion Detection using Machine Learning Techniques: An Experimental Comparison,” 2021 Int. Congr. Adv. Technol. Eng. ICOTEN 2021, 2021, doi: 10.1109/ICOTEN52080.2021.9493543.

[24] N. Oliveira, I. Praça, E. Maia, and O. Sousa, “Intelligent cyber attack detection and classification for network-based intrusion detection systems,” Appl. Sci., vol. 11, no. 4, pp. 1–21, 2021, doi: 10.3390/app11041674.

[25] K. Shaukat et al., “Performance comparison and current challenges of using machine learning techniques in cybersecurity,” Energies, vol. 13, no. 10, 2020, doi: 10.3390/en13102509.

[26] A. Bachar, N. El Makhfi, and O. EL Bannay, “Machine learning for network intrusion detection based on SVM binary classification model,” Adv. Sci. Technol. Eng. Syst., vol. 5, no. 4, pp. 638–644, 2020, doi: 10.25046/AJ050476.

[27] L. Li, Y. Yu, S. Bai, Y. Hou, and X. Chen, “An Effective Two-Step Intrusion Detection Approach Based on Binary Classification and κ-NN,” IEEE Access, vol. 6, pp. 12060–12073, 2017, doi: 10.1109/ACCESS.2017.2787719.

[28] A. Raza, K. Munir, M. S. Almutairi, and R. Sehar, “Novel Class Probability Features for Optimizing Network Attack Detection With Machine Learning,” IEEE Access, vol. 11, no. July, pp. 98685–98694, 2023, doi: 10.1109/ACCESS.2023.3313596.

[29] N. Rust-Nguyen, S. Sharma, and M. Stamp, “Darknet traffic classification and adversarial attacks using machine learning,” Comput. Secur., vol. 127, 2023, doi: 10.1016/j.cose.2023.103098.

[30] T. Provost, F., & Fawcett, “Best Practices for Manual Labeling of Machine Learning Data,” 2013.

[31] S. Lee, S. H. Shin, and B. H. Roh, “Abnormal Behavior-Based Detection of Shodan and Censys-Like Scanning,” Int. Conf. Ubiquitous Futur. Networks, ICUFN, pp. 1048–1052, 2017, doi: 10.1109/ICUFN.2017.7993960. 56Program Studi Ilmu Komputer (S2) Universitas Nusa Mandiri

[32] S. Francisco, “environments for threat detection and mitigation,” 2021.

[33] T. Tigerprints, A. D. Dissertations, and D. Everson, “Cyber Attack Surface Mapping For Offensive Security Testing,” 2023, [Online]. Available: https://tigerprints.clemson.edu/all_dissertations.

[34] N. Aljojo, “Predicting Attack Surface Effects On Attack Vectors In An Open Congested Network Transmission Session By Machine Learning,” Int. J. online Biomed. Eng., vol. 17, no. 11, pp. 47–59, 2021, doi: 10.3991/ijoe.v17i11.25025.

[35] D. Suhail and S. Ahmed, “Mathematics & Computer Science Sustainable Hitlist : Targets for Internet Scans,” 2020. [36] Z. Zhao, S. Srinivasa, and E. Vasilomanolakis, SweetCam: An IP Camera Honeypot, vol. 1, no. 1. Association for Computing Machinery, 2023.

[37] Z. Xu and T. Luo, “Cloud-Native Sandboxes for Microservices: Understanding New Threats and Attacks,” BlackHat Eur. 2018, 2018, [Online]. Available: https://i.blackhat.com/eu-18/Thu-Dec-6/eu-18-LuoCloud-Native-Sandboxes-For-Microservices-Understanding-New-Threatsand-Attacks-wp.pdf.

[38] S. Varlioglu, N. Elsayed, Z. Elsayed, and M. Ozer, “The Dangerous Combo: Fileless Malware and Cryptojacking,” Conf. Proc. - IEEE SOUTHEASTCON, vol. 2022-March, pp. 125–132, 2022, doi: 10.1109/SoutheastCon48659.2022.9764043.

[39] “Ransomware: A New Era of Digital Terrorism Richa Indu 1 and Anuj Sharma 2 Department of Computer Science and Engineering, Institue of Technology Roorkee-247667, Uttarakhand, India,” pp. 168–226, 2018.

[40] S. Naga and L. Keerthi, “The Repository at St . Cloud State A Study on Security Attributes of Software-Defined Wide Area Network,” 2023.

[41] S. J. Lalman, “The Exigency and How to Improve and Implement International Humanitarian Legislations More Advantageously in Times of Both Cyber-warfare and Cyberspace,” 2023.

[42] S. Berlato and M. Ceccato, “A large-scale study on the adoption of antidebugging and anti-tampering protections in android apps,” J. Inf. Secur. Appl., vol. 52, 2020, doi: 10.1016/j.jisa.2020.102463.

[43] N. Ekiz, P. D. Amer, and F. Yang, “Causing Remote Hosts to Renege.”

[44] E. Y. Güven and Z. Gürka?-Aydin, “Mirai botnet attack detection in lowscale network traffic,” Intell. Autom. Soft Comput., vol. 37, no. 1, pp. 419–437, 2023, doi: 10.32604/iasc.2023.038043.

[45] T. Trajanovski and N. Zhang, “An Automated and Comprehensive Framework for IoT Botnet Detection and Analysis (IoT-BDA),” IEEE Access, vol. 9, pp. 124360–124383, 2021, doi: 10.1109/ACCESS.2021.3110188.

[46] F. Sebeni, “Telco honeypot,” 2019.

[47] A. Amodei, D. Capriglione, G. Cerro, L. Ferrigno, G. Miele, and G. Tomasso, “A Measurement Approach for Inline Intrusion Detection of Heartbleed-Like Attacks in IoT Frameworks,” IEEE Trans. Instrum. Meas., vol. 72, no. June, p. 1, 2023, doi: 10.1109/TIM.2023.3282662.

[48] N. Nimalasingam, J. Senanayake, and C. Rajapakse, “Detection of IoT Malware Based on Forensic Analysis of Network Traffic Features,” Proc. - Int. Res. Conf. Smart Comput. Syst. Eng. SCSE 2022, no. October, pp. 122– 57Program Studi Ilmu Komputer (S2) Universitas Nusa Mandiri 130, 2022, doi: 10.1109/SCSE56529.2022.9905212.

[49] P. Dodia, M. Alsabah, O. Alrawi, and T. Wang, Exposing the Rat in the Tunnel: Using Traffic Analysis for Tor-based Malware Detection, vol. 1, no. 1. Association for Computing Machinery, 2022.

[50] E. Chatzoglou, G. Kambourakis, and C. Kolias, “Your WAP Is at Risk: A Vulnerability Analysis on Wireless Access Point Web-Based Management Interfaces,” Secur. Commun. Networks, vol. 2022, 2022, doi: 10.1155/2022/1833062.

[51] L. Joseph and R. Mukesh, “To Detect Malware attacks for an Autonomic Self-Heal Approach of Virtual Machines in Cloud Computing,” 5th Int. Conf. Sci. Technol. Eng. Math. ICONSTEM 2019, vol. 1, no. March 2019, pp. 220–231, 2019, doi: 10.1109/ICONSTEM.2019.8918909.

[52] K. Kinoshita, “A Review Paper on Organi,” Resuscitation, vol. 85, no. 9, pp. 26–46, 2014.

[53] M. R. Islam and K. M. Aktheruzzaman, “An Analysis of Cybersecurity Attacks against Internet of Things and Security Solutions,” J. Comput. Commun., vol. 08, no. 04, pp. 11–25, 2020, doi: 10.4236/jcc.2020.84002.