Naïve Bayes and Confusion Matrix for Efficient Analysis of Intrusion Detection System Alerts

Muhammad Kamil Suryadewiansyah(1), Teja Endra Eng Tju(2*)
(1) Universitas Budi Luhur
(2) Universitas Budi Luhur
(*) Corresponding Author



Abstract


The growing volume of malware forces IDS (Intrusion Detection System) products to become ever more complex, which makes them expensive and a burden on the companies that use them. Systems based on host-based IDS and signature-based IDS technology are widely used but can only detect attacks that are already known; improving their performance requires analysing the log data behind the alerts they raise. The Naïve Bayes classification technique is used to help improve the efficiency and effectiveness of that analysis. This study follows four steps from the methodology of SKKNI (Standar Kompetensi Kerja Nasional Indonesia, the Indonesian National Work Competency Standard) No. 299 of 2020, Artificial Intelligence, Data Science sub-field: data understanding, data preparation, modeling, and model evaluation. The dataset, obtained from an IDS service provider, contains 575 records, split into 515 training records and 60 test records. Evaluating the test data with a confusion matrix gave an accuracy of 0.87, recall of 0.89, precision of 0.83, and F-Measure of 0.86. Both FP (False Positive) and FN (False Negative) results matter greatly to IDS users for improving the quality of service to customers and reducing the risk posed by intrusions. FP and FN become the focus of the analysis of IDS alert logs, so the whole dataset does not need to be analysed; this makes the analysis 85% more effective and saves effort and time for the security team of a company that uses an IDS. The study also found that about 50% of the IDS data represents intrusions or other disruptions.
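An added example, not code from the paper: a minimal categorical Naïve Bayes classifier scored with a confusion matrix, which returns the FP and FN alerts as the analyst's review queue, as the abstract describes. The alert fields, values and labels are constructed for illustration (they are not the paper's 575-record dataset), and Laplace smoothing is an assumption of this sketch.

```python
import math
from collections import Counter, defaultdict

# Constructed alerts (not the paper's data): ((event, severity, source zone), label).
I, B = "intrusion", "benign"
TRAIN = [
    (("logon_fail", "high", "ext"), I), (("logon_fail", "high", "ext"), I),
    (("priv_change", "high", "int"), I), (("logon_fail", "medium", "ext"), I),
    (("logon_ok", "low", "int"), B), (("logon_ok", "low", "int"), B),
    (("logon_fail", "low", "int"), B), (("priv_change", "medium", "int"), B),
]
TEST = [  # rows 4 and 5 are built to be misclassified (one FN, one FP)
    (("logon_fail", "high", "ext"), I), (("logon_ok", "low", "int"), B),
    (("priv_change", "high", "int"), I), (("logon_fail", "low", "int"), I),
    (("logon_fail", "high", "ext"), B), (("logon_ok", "medium", "int"), B),
    (("logon_fail", "medium", "ext"), I), (("priv_change", "medium", "int"), B),
]

def train(rows):
    """Count class frequencies and per-feature value frequencies."""
    prior, counts, vocab = Counter(), defaultdict(Counter), defaultdict(set)
    for feats, label in rows:
        prior[label] += 1
        for i, v in enumerate(feats):
            counts[label, i][v] += 1
            vocab[i].add(v)
    return prior, counts, vocab

def predict(model, feats, alpha=1.0):
    """Return the class with the highest Laplace-smoothed log-posterior."""
    prior, counts, vocab = model
    def score(label):
        lp = math.log(prior[label] / sum(prior.values()))
        for i, v in enumerate(feats):
            lp += math.log((counts[label, i][v] + alpha) / (prior[label] + alpha * len(vocab[i])))
        return lp
    return max(sorted(prior), key=score)

def evaluate(model, rows, positive=I):
    """Return confusion matrix, metrics, and the FP/FN alerts to review by hand."""
    cm, review = Counter(TP=0, FP=0, FN=0, TN=0), []
    for feats, actual in rows:
        pred = predict(model, feats)
        cm[("T" if pred == actual else "F") + ("P" if pred == positive else "N")] += 1
        if pred != actual:
            review.append((feats, actual, pred))
    p, r = cm["TP"] / (cm["TP"] + cm["FP"]), cm["TP"] / (cm["TP"] + cm["FN"])
    metrics = {"accuracy": (cm["TP"] + cm["TN"]) / len(rows), "precision": p,
               "recall": r, "f_measure": 2 * p * r / (p + r)}
    return dict(cm), metrics, review
```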


Keywords


Rule-based, Likelihood, Security, Probability, F-1 score






Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.

 

Editorial Address:
Department of Information Systems, Faculty of Information Technology
Universitas Andalas
Kampus Limau Manis, Padang 25163, West Sumatra

email: teknosi@fti.unand.ac.id

This work by JSI-Unand and licensed under a CC BY-SA 4.0 International License.