CLUSTERING OF SNORT INTRUSION DETECTION SYSTEM ALERT NOTIFICATIONS ON A TELEGRAM BOT USING THE K-MEANS ALGORITHM
Main Author: | Alfiansyah, Bagus |
---|---|
Format: | Thesis NonPeerReviewed Book |
Language: | eng |
Published: | , 2018 |
Subjects: | |
Online Access: | http://eprints.umm.ac.id/42261/1/pendahuluan.pdf http://eprints.umm.ac.id/42261/2/BAB%20I.pdf http://eprints.umm.ac.id/42261/3/BAB%20II.pdf http://eprints.umm.ac.id/42261/4/BAB%20III.pdf http://eprints.umm.ac.id/42261/5/BAB%20IV.pdf http://eprints.umm.ac.id/42261/6/BAB%20V.pdf http://eprints.umm.ac.id/42261/7/LAMPIRAN.pdf http://eprints.umm.ac.id/42261/ |
Table of Contents:
- With growing knowledge and internet crime, an Intrusion Detection System (IDS) is needed; one such system is Snort, which can detect attacks. Attack notifications are needed so that the administrator knows when an attack occurs. Alert clustering uses the K-Means method to divide alerts into 2 clusters so that not all alerts are sent as notifications, which makes it easier for administrators to view and analyze them. Notifications from the bot appear in the Telegram application using the Bot feature provided by Telegram. The real attack testing process was carried out for 2 days. There were a total of 10352 attacks, of which 1096 have membership in cluster 1, whose alerts are forwarded to notifications, and 9256 have membership in cluster 2. K-Means was tested using SSE on the alert data totaling 10352. 2 clusters produce a value of 236,366, 3 clusters produce a value of 131.1508, 4 clusters produce a value of 25.1101, 5 clusters produce a value of 19.5869, 6 clusters produce a value of 19.5178, and finally 7 clusters produce a value of 3.0575. It can be concluded that the larger the number of clusters, the smaller the SSE value.