DETEKSI BOTNETS PADA PASSIVE DNS DENGAN MENGGUNAKAN METODE K NEAREST NEIGHBOR
| Main Author: | Putri, Vinna Utami |
|---|---|
| Format: | Thesis NonPeerReviewed Book |
| Bahasa: | eng |
| Terbitan: |
, 2018
|
| Subjects: | |
| Online Access: |
http://eprints.umm.ac.id/41268/1/Pendahuluan.pdf http://eprints.umm.ac.id/41268/2/Bab%20I.pdf http://eprints.umm.ac.id/41268/3/bab%20II.pdf http://eprints.umm.ac.id/41268/4/Bab%20III.pdf http://eprints.umm.ac.id/41268/5/Bab%20IV.pdf http://eprints.umm.ac.id/41268/6/Bab%20V.pdf http://eprints.umm.ac.id/41268/ |
Daftar Isi:
- A botnet is a network of millions of zombies in a device that is connected to the internet such as a Personal Computer (PC), smartphone, tablet, routers and other gadgets. Which bots infect with malware that specifically so that it can be controlled by the cybercriminal remotely to provide attack such as sending email, steal personal information, and launching DDoS attacks. To classify the which botnets and normal dataset on a passive DNS contained on dataset CTU-13 with k Nearest Neighbor algoritm, first author Specifies attributes such as dns passivc DNS Client, DNS Server, Query Class, Time Stamp, Query Type (RR), Query (Domain Name), Answer, TTL (Time To Live). After that selection of features that are useful for selecting appropriate data on botnet and normal so obtained six features including Time to Live Feature, Query answer feature, Time featured, IP Geolocate featured, Autonomous Domains and domains Featured Name The Feature. The next step is ploting the data with a algorithm kNN into library scikit learn the python programming language, in this process the data obtained as a result will be classified with a botnet and normal. The testing used confusion matrix for this study.