Title | : | Internet Forensics Framework Based-on Clustering |
Author | : |
Imam Riadi (1) Prof. Dr. Ir. Jazi Eko Istiyanto, M.Sc. (2) Dr.techn. Ahmad Ashari, M.I.Kom. (3) Prof. Drs. Subanar, Ph.D. (4) |
Date | : | 0 2013 |
Keyword | : | framework,Forensics,Internet,Log,Clustering,Denial of Service framework,Forensics,Internet,Log,Clustering,Denial of Service |
Abstract | : | Internet network attacks are complicated and worth studying. The attacks include Denial of Service (DoS). DoS attacks that exploit vulnerabilities found in operating systems, network services and applications. Indicators of DoS attacks, is when legitimate users cannot access the system. This paper proposes a framework for Internet based forensic logs that aims to assist in the investigation process to reveal DoS attacks. The framework in this study consists of several steps, among others : logging into the text file and database as well as identifying an attack based on the packet header length. After the identification process, logs are grouped using k-means clustering algorithm into three levels of attack (dangerous, rather dangerous and not dangerous) based on port numbers and tcpflags of the package. Based on the test results the proposed framework can be grouped into three level attacks and found the attacker with a success rate of 89,02%, so, it can be concluded that the proposed framework can meet the goals set in this research. |
Group of Knowledge | : | Ilmu Komputer |
Original Language | : | English |
Level | : | Internasional |
Status | : |
Published
|