Analisis Kemiripan Pola Penyerangan Untuk Deteksi Botnet Berdasarkan Karakteristik Aktivitas Simultan, Sporadis dan Periodik

Putra, M. Aidiel Rachman (2023) Analisis Kemiripan Pola Penyerangan Untuk Deteksi Botnet Berdasarkan Karakteristik Aktivitas Simultan, Sporadis dan Periodik. Masters thesis, Institut Teknologi Sepuluh Nopember.

[thumbnail of 6025211020-Master_Thesis.pdf] Text
6025211020-Master_Thesis.pdf - Accepted Version
Restricted to Repository staff only until 1 April 2025.

Download (5MB) | Request a copy

Abstract

Botnet merupakan salah satu jenis malware yang bekerja dengan menginfeksi komputer target. Komputer yang telah terinfeksi dengan mudah dikendalikan oleh seorang botmaster untuk melakukan serangan seperti DDoS (Distributed Denial of Service), spreading malicious programming, phising, mengirim spam message dan click misrepresentation. Struktur komunikasi botnet terus berkembang dari centralized menjadi decentralized, sehingga menyebabkan beberapa model deteksi sulit untuk menangani serangan botnet. Selain itu karakteristik serangan botnet berevolusi dari karakteristik sporadis ke periodik hingga dan kemudian simultan. Karakteristik serangan sporadis memiliki ciri aktivitas serangan terpusat pada waktu tertentu. Karakteristik sporadis berkembang menjadi periodik yang memungkinkan botnet untuk melakukan serangan secara intens. Terakhir aktivitas serangan botnet berkembang menjadi simultan yang memungkinkan serangan secara intens dan sistematis yang terjadi secara bersamaan pada rentang waktu tertentu. Sehingga dibutuhkan analisis yang tepat dan mendalam untuk dapat mengidentifikasi dan mendeteksi karakteristik serangan botnet berdasarkan karakteristik serangan secara tepat dan akurat. Penelitian mengenai deteksi serangan botnet telah dikenalkan dengan menggunakan pemodelan deteksi seperti klasifikasi, clustering, analisis histogram, dan deep learning. Namun, penelitian terdahulu belum mempertimbangkan analisis karakteristik dan pola serangan botnet. Analisis karakteristik dan pola serangan botnet, dibutuhkan untuk dapat mendeteksi serangan botnet secara akurat dan tepat. Penelitian ini mengusulkan model deteksi menggunakan analisis kemiripan terhadap pola aktivitas dari ragam karakteristik serangan botnet. Untuk dapat mendeteksi kemiripan dari pola aktivitas botnet, dibutuhkan dataset dengan karakteristik botnet sporadis, periodik dan simultan. Dataset botnet simultan diperlukan dalam penelitian ini dan didapatkan melalui proses pembangkitan dataset. Pembangkitan dilakukan dengan mengekstraksi informasi aktivitas botnet dari dataset yang ada. Hasil dari model deteksi ini adalah pengukuran kemiripan aktivitas serangan botnet dalam karakteristik serangan botnet sporadis, periodik maupun simultan
=======================================================================================================================================
Botnet is a type of malware that works by infecting the target computer. A botmaster easily controls infected computers to carry out attacks such as DDoS (Distributed Denial of Service), spreading malicious programming, phishing, sending spam messages, and click misrepresentations. The botnet's communication structure was initially quite simple, namely centralized, but has evolved into a decentralized structure, making botnets even more difficult to deal with. In addition, the characteristics of botnet attacks have evolved from sporadic to periodic and then simultaneous. The sporadic botnet attacks are characterized by concentrated attack activity at a specific time. Sporadic characteristics develop into periodic ones that allow botnets to carry out intense attacks. Finally, the botnet attack activity has grown into a simultaneous one, which allows intense and systematic attacks simultaneously at a specific time. Thus, it needs proper and in-depth analysis to identify and detect the characteristics of botnet attacks based on the characteristics of attacks precisely and accurately. Research on botnet attack detection has been introduced using several detection models such as classification, clustering, histogram analysis, and deep learning. However, previous studies have yet to consider analyzing the characteristics and patterns of botnet attacks. Analysis of the characteristics and patterns of botnet attacks is needed to be able to detect botnet attacks accurately and precisely. This study proposes a detection model using a similarity analysis of activity patterns from various botnet attack characteristics. The dataset with sporadic, periodic, and simultaneous botnet characteristics is needed to measure botnet activity patterns' similarity. Simultaneous botnet datasets are required in this study and obtained through the dataset generation process. Generation is done by extracting botnet activity information from existing datasets. The result of this detection model is a measurement of the similarity of botnet attack activity in the characteristics of sporadic, periodic, or simultaneous botnet attacks

Item Type: Thesis (Masters)
Uncontrolled Keywords: botnet, deteksi bot, sistem deteksi intrusi, infrastruktur jaringan, keamanan jaringan, analisa kemiripan, bot detection, intrusion detection system, network infrastructure, network security, similarity analysis
Subjects: Q Science
Q Science > Q Science (General)
Q Science > Q Science (General) > Q325.5 Machine learning. Support vector machines.
Q Science > QA Mathematics > QA76 Computer software
Q Science > QA Mathematics > QA76.6 Computer programming.
Q Science > QA Mathematics > QA76.9.A25 Computer security. Digital forensic. Data encryption (Computer science)
Q Science > QA Mathematics > QA76.9.C55 Client/server computing
Q Science > QA Mathematics > QA76.9.D343 Data mining. Querying (Computer science)
Divisions: Faculty of Intelligent Electrical and Informatics Technology (ELECTICS) > Informatics Engineering > 55101-(S2) Master Thesis
Depositing User: M. Aidiel Rachman Putra
Date Deposited: 06 Feb 2023 04:04
Last Modified: 06 Feb 2023 04:04
URI: http://repository.its.ac.id/id/eprint/96268

Actions (login required)

View Item View Item