DEVELOPMENT OF SECURITY TESTBED FOR MACHINE LEARNING NETWORK-BASED INTRUSION DETECTION SYSTEMS

Security testing of an ML-NIDS is carried out to find the characteristics and defects that may exist in it. Security testing is adapted to the type and method of analysis used by the ML-NIDS. The ML-NIDS based on supervised learning with the method of flow analysis has a char...

Bibliographic Details
Main Author: Naufal Hilmy, Andika
Format: Final Project
Language: Indonesia
Online Access: https://digilib.itb.ac.id/gdl/view/85054
Institution: Institut Teknologi Bandung
id id-itb.:85054
spelling id-itb.:85054 2024-08-19T14:00:58Z network intrusion detection system, IDS, security testing, security testbed, machine learning
building Institut Teknologi Bandung Library
continent Asia
country Indonesia
content_provider Institut Teknologi Bandung
collection Digital ITB
description Security testing of an ML-NIDS is carried out to find the characteristics and defects that may exist in it. Security testing is adapted to the type and method of analysis used by the ML-NIDS. An ML-NIDS based on supervised learning with flow analysis analyzes intrusions based on data that was labeled during the training process, and it determines intrusion attempts based on network flows, each of which is a set of packets going out of and into the network. There are several methods of security testing for ML-NIDS, namely adversarial testing on modified datasets and cross-testing with different models and datasets. In addition to model performance, the general methods of security testing on IDSes measure the resource usage and detection time of the IDS. Each of these methods is limited to its own focus and does not describe the ML-NIDS as a whole. A security testbed was created to facilitate security testing of ML-NIDSes. The security testbed is intended for ML-NIDSes that apply flow analysis to traffic and use a supervised learning algorithm in the ML model. Based on the characteristics of the ML-NIDS mentioned above, it is necessary to analyze the model performance, detection time, and resource usage of the ML-NIDS. To meet this need, the security testbed has a number of features, including stopwatch(es) to measure detection time, resource monitor(s) to measure the resource usage of the ML-NIDS, and statistics analyzer(s) to process statistical data obtained during the security testing process. At the end of security testing, the security testbed issues a report containing data analysis of the security testing process. The security testbed runs well when there is traffic in the network and when the controller and the agent are well connected. Under ideal conditions, the security testbed provides the results of the security testing that has been carried out in a report containing the analysis results. The security testbed is able to run both in normal use and with simulated attacks. In addition, the security testbed has a small resource footprint that does not significantly affect the performance of the running system.