Penerapan Metode Support Vector Machine pada Sistem Deteksi Intrusi secara Real-time

Abstract

Intrusion detection system is a system for detecting attacks or intrusions in a network or computer system, generally intrusion detection is done with comparing network traffic pattern with known attack pattern or with finding unnormal pattern of network traffic. The raise of internet activity has increase the number of packet data that must be analyzed for build the attack or normal pattern, this situation led to the possibility that the system can not detect the intrusion with a new technique, so it needs a system that can automaticaly build a pattern or model.This research have a goal to build an intrusion detection system with ability to create a model automaticaly and can detect the intrusion in real-time environment with using support vector machine method as a one of data mining method for classifying network traffic audit data in 3 classes, namely: normal, probe, and DoS. Audit data was established from preprocessing of network packet capture files that obtained from Tshark. Based on the test result, the sistem can help system administrator to build a model or pattern automaticaly with high accuracy, high attack detection rate, and low false positive rate. The sistem also can run in real-time environment