Graph Anomaly-Based Network Intrusion Detection System

Haykal, Muhammad Farhan (2023) Sistem Deteksi Intrusi Jaringan Berbasis Anomali Graf. Other thesis, Institut Teknologi Sepuluh Nopember.

051111940000141-Undergradutae_Thesis.pdf - Accepted Version
Restricted to Repository staff only until 1 October 2025.


Abstract

A Network Intrusion Detection System (NIDS) is a tool used in computer security to monitor network traffic and identify potential threats or suspicious activities. One approach to building a NIDS is graph anomaly detection, which analyzes network traffic in graph form and identifies patterns or behaviors that may indicate an intrusion. This approach can effectively detect new threats and provides valuable knowledge about overall network security. In addition, by utilizing machine learning algorithms, a NIDS based on graph anomaly detection can continuously improve its performance over time and adapt to changing conditions on the network. In this final project, machine learning models are used to perform network intrusion detection on the traffic data contained in the UNSW-NB 15 pcap files with a graph anomaly detection approach. Five models are used in this research: Deep Anomaly Detection on Attributed Networks, One-Class Graph Neural Network, Contrastive Attributed Network Anomaly Detection, Graph Auto Encoders, and Dual Autoencoder for Anomaly Detection on Attributed Networks. Based on the results obtained and the analysis carried out, the best overall performance by F1-score is obtained by the Graph Auto Encoders model, with the highest F1-score reaching 0.8729. The next best performance is achieved by the Dual Autoencoder for Anomaly Detection on Attributed Networks model, with an F1-score reaching 0.7945, followed by the One-Class Graph Neural Network model with an F1-score reaching 0.7379, then the Deep Anomaly Detection on Attributed Networks model with an F1-score of 0.6823, and finally the Contrastive Attributed Network Anomaly Detection model with an F1-score of 0.6764. The graph model suitable for all five models is a graph without isolated nodes.

Item Type: Thesis (Other)
Uncontrolled Keywords: NIDS, Graph, Graph Anomaly Detection, Network Traffic, Machine Learning
Subjects: T Technology > T Technology (General) > T57.5 Data Processing
Divisions: Faculty of Intelligent Electrical and Informatics Technology (ELECTICS) > Informatics Engineering > 55201-(S1) Undergraduate Thesis
Depositing User: Muhammad Farhan Haykal
Date Deposited: 09 Oct 2023 07:21
Last Modified: 09 Oct 2023 07:21
URI: http://repository.its.ac.id/id/eprint/102470
