EEPIS Repository

INTRUSION DETECTION SYSTEM BASED SNORT USING HIERARCHICAL CLUSTERING

Zen , S Hadi and Entin , Martiana and Aries , Pratiarso and Ellysabeth, J.C INTRUSION DETECTION SYSTEM BASED SNORT USING HIERARCHICAL CLUSTERING. In: International Seminar on Scientific Issues and Trends (ISSIT).

[img]
Preview
PDF
Download (626Kb) | Preview

    Abstract

    One effort to protect the network from the threats of hackers, crackers and security experts is to build the Intrusion Detection System (IDS) on the network. The problem arises when new attacks emerge in a relatively fast, so a network administrator must create their own signature and keep updated on new types of attacks that appear. In this paper, it will be made an Intelligence Intrusion Detection System (IIDS) where the Hierarchical Clustering algorithm as an artificial intelligence is used as pattern recognition and implemented on the Snort IDS. Hierarchical clustering applied to the training data to determine the number of desired clusters. Labeling cluster is then performed; there are three labels of cluster, namely Normal, High Risk and Critical. Centroid Linkage Method used for the test data of new attacks. Output system is used to update the Snort rule database. This research is expected to help the Network Administrator to monitor and learn some new types of attacks. From the result, this system is already quite good to recognize certain types of attacks like exploit, buffer overflow, DoS and IP Spoofing. Accuracy performance of this system for the mentioned above type of attacks above is 90%.

    Item Type: Conference or Workshop Item (Paper)
    Subjects: Q Science > QA Mathematics > QA75 Electronic computers. Computer science
    Q Science > QA Mathematics > QA76 Computer software
    Divisions: Faculty of Engineering, Science and Mathematics > School of Electronics and Computer Science
    Depositing User: Tn Akhmad Alimudin
    Date Deposited: 10 Mar 2014 11:14
    Last Modified: 18 Aug 2014 11:26
    URI: http://repo.pens.ac.id/id/eprint/2698

    Actions (login required)

    View Item