SURICATA ACCURACY OPTIMIZATION BASED ON LIVE ANALYSIS USING ONE-CLASS SUPPORT VECTOR MACHINE METHOD AND STREAMLIT FRAMEWORK

  • I Putu Yesha Agus Ariwanta, Postgraduate Programs, Computer Science Study Program, Universitas Pendidikan Ganesha
  • Kadek Yota Ernanda Aryanto, Postgraduate Programs, Computer Science Study Program, Universitas Pendidikan Ganesha
  • I Gede Aris Gunadi, Postgraduate Programs, Computer Science Study Program, Universitas Pendidikan Ganesha
Keywords: security computer network, optimization, live analysis, one-class SVM, suricata, streamlit

Abstract

According to data from the Check Point website, more than 10 million cyber-attacks occur in a single day, and educational institutions rank highest for these attacks. The IT unit of Kartini Bali Health Polytechnic has not yet tested the accuracy and speed with which suspicious activity on the computer network is detected. Deploying network security systems that have not been tested will undoubtedly have a negative impact on system providers and users. Web-based Live Analysis and the One-Class Support Vector Machine (SVM) are applied to optimize Suricata's ability to detect suspicious activity on computer networks and to provide visual, real-time reports. This research uses Suricata to optimize the computer network security system, with the Streamlit framework used for web-based Live Analysis and the One-Class SVM used for classifying log data and visual reporting. The computer network security system is tested with tools such as Nmap, LOIC, and Brutus. The results of using the One-Class SVM to detect three types of attack (Port Scanning, DDoS Attack, and Brute Force Attack) show an accuracy of 96%, precision of 95%, recall of 96%, and F1-Score of 95%. In performance and load testing of the live analysis system built with the Streamlit framework, the results show that the developed system is responsive, with CPU usage at 38%, memory usage at 62.3%, and an average system load time of 5 milliseconds.

Published
2024-04-04
How to Cite
[1] I. P. Y. Agus Ariwanta, K. Y. Ernanda Aryanto, and I. G. A. Gunadi, “SURICATA ACCURACY OPTIMIZATION BASED ON LIVE ANALYSIS USING ONE-CLASS SUPPORT VECTOR MACHINE METHOD AND STREAMLIT FRAMEWORK”, J. Tek. Inform. (JUTIF), vol. 5, no. 2, pp. 415-427, Apr. 2024.