Spatio Temporal with Scalable Automatic Bisecting-Kmeans for Network Security Analysis in Matagaruda Project

  • Masfu Hisyam Politeknik Elektronika Negeri Surabaya
  • Ali Ridho Barakbah Politeknik Elektronika Negeri Surabaya
  • Iwan Syarif Politeknik Elektronika Negeri Surabaya
  • Ferry Astika S Politeknik Elektronika Negeri Surabaya

Abstract

Internet attacks occur frequently, and their incidence increases every year. The Matagaruda project was therefore built to monitor and analyze internet attacks using an IDS (Intrusion Detection System). Unfortunately, the Matagaruda project lacks trend analysis and spatiotemporal analysis. This makes it difficult to obtain information about the usual seasonal attacks, which sector is attacked most, and the country or territory where internet attacks originate. Because the number of clusters is unknown, this paper proposes a new automatic bisecting K-means method whose average SSE is 93 percent better than that of K-means and bisecting K-means. Using Spark for big data makes the processing of massive attack data highly scalable.

Published
2019-06-15
Section
Articles