TY - GEN
T1 - Network Behavior Anomaly Detection using Decision Tree
AU - Wighneswara, Alifiannisa Alyahasna
AU - Sjahrunnisa, Anita
AU - Romadhona, Yasinta
AU - Maula, Khoifah Inda
AU - Tyas, Salsabila Mazya Permataning
AU - Shiddiqi, Ary Mazharuddin
AU - Studiawan, Hudan
N1 - Publisher Copyright: © 2023 IEEE.
PY - 2023
Y1 - 2023
AB - The overall development of the internet allows internet attacks to occur, which can cause damage to a system. Threats and attacks on internet networks are more vulnerable to the surface because the internet is fully open to users. We need data protection from threats and attacks to maintain confidentiality, availability, and system information. Threats or disturbances can be referred to as anomalies. Anomaly detection is needed to prevent changes in traffic flow. Anomaly detection is one of three techniques of the Intrusion Detection System (IDS). Network characteristics tracked by network anomaly detection programs at scale include packets, bandwidth, bytes, traffic volume, and the used protocols. Suspicious events are recorded in Interface, IP Group, Transmission Control Protocol (TCP), User Data Protocol (UDP), and Internet Control Message Protocol (ICMP) reports. Therefore, this research was carried out to detect anomalies using the Machine Learning algorithm: Decision Tree. This study analyzed 4998 records with 34 attributes, with one attribute as a class. Using the decision tree method, the highest accuracy results are 99.95%.
KW - anomaly
KW - decision tree
KW - detection
KW - machine learning
KW - network behavior
UR - http://www.scopus.com/inward/record.url?scp=85161986704&partnerID=8YFLogxK
U2 - 10.1109/CSNT57126.2023.10134589
DO - 10.1109/CSNT57126.2023.10134589
M3 - Conference contribution
AN - SCOPUS:85161986704
T3 - Proceedings - 2023 12th IEEE International Conference on Communication Systems and Network Technologies, CSNT 2023
SP - 705
EP - 709
BT - Proceedings - 2023 12th IEEE International Conference on Communication Systems and Network Technologies, CSNT 2023
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 12th IEEE International Conference on Communication Systems and Network Technologies, CSNT 2023
Y2 - 8 April 2023 through 9 April 2023
ER -