Network Traffic Anomaly Detection Using the Decision Tree Method
DOI: https://doi.org/10.65371/metrokom.v1i1.12
Keywords: Detection, Anomaly, Network Traffic, Decision Tree
Abstract
With the increasing penetration of computer networks connected to the internet, the risk of network intrusion is also on the rise. Such intrusions attempt to bypass network security mechanisms. One way to detect intrusions is by analyzing network traffic activity. However, manually analyzing all network data is cumbersome and time-consuming. Decision trees can be used to classify network events based on specific attributes, which enables the creation of rules that detect anomalies in network traffic patterns. These rules are developed by mapping network events to unique segments within the decision tree. Constructing rules from the sequence of segments in the decision tree allows intrusion indicators to be identified, aiding in the detection of intrusion attempts in the network. This approach gives network analysts a more efficient means of identifying abnormal network traffic activity without manually inspecting every data point. Thus, the use of decision trees enhances the capability to detect network intrusions, safeguarding computer networks from increasingly complex and diverse cyber threats. This represents a crucial step in fortifying the security of our digital infrastructure.
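As an added illustration (not code from the paper), the following builds a small decision tree over constructed flow records and reads every root-to-leaf path out as a detection rule, which is the event-to-segment mapping the abstract describes. The attribute names, the sample flows and the choice of information gain (ID3-style) as the split criterion are assumptions; the abstract does not name the algorithm used.

```python
import math
from collections import Counter

# Constructed sample flows (not from the paper): proto, port class, packet rate, label.
ATTRS = ("proto", "port", "rate")
ROWS = [
    ("tcp", "web", "low", "normal"),    ("tcp", "web", "low", "normal"),
    ("udp", "dns", "low", "normal"),    ("tcp", "dns", "low", "normal"),
    ("tcp", "other", "low", "anomaly"), ("udp", "other", "low", "anomaly"),
    ("tcp", "web", "high", "anomaly"),  ("udp", "dns", "high", "anomaly"),
    ("tcp", "other", "high", "anomaly"), ("udp", "web", "high", "anomaly"),
]
FLOWS = [(dict(zip(ATTRS, r[:3])), r[3]) for r in ROWS]

def entropy(rows):
    counts = Counter(label for _, label in rows)
    return -sum(c / len(rows) * math.log2(c / len(rows)) for c in counts.values())

def split(rows, attr):
    groups = {}
    for feats, label in rows:
        groups.setdefault(feats[attr], []).append((feats, label))
    return groups

def gain(rows, attr):
    rest = sum(len(g) / len(rows) * entropy(g) for g in split(rows, attr).values())
    return entropy(rows) - rest

def build(rows, attrs):
    labels = Counter(label for _, label in rows)
    if len(labels) == 1 or not attrs:
        return labels.most_common(1)[0][0]          # leaf: class label
    best = max(attrs, key=lambda a: gain(rows, a))  # most informative attribute
    rest = [a for a in attrs if a != best]
    return (best, {v: build(g, rest) for v, g in sorted(split(rows, best).items())})

def rules(tree, path=()):
    """Each root-to-leaf path becomes one rule: (conditions, label)."""
    if isinstance(tree, str):
        return [(path, tree)]
    attr, branches = tree
    return [r for v, sub in branches.items() for r in rules(sub, path + ((attr, v),))]

def classify(tree, flow):
    while not isinstance(tree, str):
        attr, branches = tree
        tree = branches.get(flow[attr], "unknown")  # unseen value: leave for analyst review
    return tree

TREE = build(FLOWS, list(ATTRS))

if __name__ == "__main__":
    for path, label in rules(TREE):
        print(" AND ".join(f"{a}={v}" for a, v in path), "=>", label)
```

A flow whose attribute value never appeared in training falls off the tree and is returned as `unknown` rather than silently classified as normal.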
