Deteksi Intrusi Pada Basis Data Menggunakan Random Forest

Novianti Indah Putri, Arief Zulianto, Wiwin Suwarningsih

Abstract

More services have been made online in recent years, more and more data is being stored virtually. This important and confidential data becomes an easy target for criminals in the era of digitalization. Database security becomes very necessary to keep data safe. Attacks can come from outside or from within, attacks caused by insiders are the second biggest threat after hacking. Conventional security has not been able to detect anomalies from internal users. This can be anticipated using an intrusion detection mechanism. This mechanism has previously been applied to networks and hosts. However, some actions that are harmful to the database are not necessarily harmful to the network and hosts so that intrusion detection on the database becomes extra security to defend the database from intruders. This system uses the Random Forest algorithm which includes supervised learning to detect anomalous transactions. The dataset used is a transaction log containing 773 records and 9 attributes. Anomalies are determined based on the threshold value of 3 attributes, namely operation, object and field name. The test uses 6 different trees, 10, 20, 40, 60, 80 and 100. The results of the test on 762 records and 5 attributes used, the Random Forest algorithm has the highest accuracy value on the number of trees 80 and 100 which have a test time difference of 0 .03 seconds. In the dataset used, the optimum number of trees is found at number 80 with an accuracy value of 99.56% and an execution time of 0.13183 seconds.

Keywords

Keamanan Basis Data; Deteksi Intrusi; Machine Learning; Random Forest

Full Text:

PDF

References

A. Kamra and E. Bertino, “Design and implementation of an intrusion response system for relational databases,” IEEE Trans. Knowl. Data Eng., vol. 23, no. 6, pp. 875–888, 2011, doi: 10.1109/TKDE.2010.151.

D. Nandasana and V. Barot, “A framework for database intrusion detection system,” Proc. - Int. Conf. Glob. Trends Signal Process. Inf. Comput. Commun. ICGTSPICC 2016, pp. 74–78, 2017, doi: 10.1109/ICGTSPICC.2016.7955272.

I. Singh, V. Darbari, L. Kejriwal, and A. Agarwal, “Conditional adherence based classification of transactions for database intrusion detection and prevention,” 2016 Int. Conf. Adv. Comput. Commun. Informatics, ICACCI 2016, pp. 42–49, 2016, doi: 10.1109/ICACCI.2016.7732023.

M. R. Keyvanpour, M. Barani Shirzad, and S. Mehmandoost, “CID: a novel clustering-based database intrusion detection algorithm,” J. Ambient Intell. Humaniz. Comput., vol. 12, no. 2, pp. 1601–1612, 2021, doi: 10.1007/s12652-020-02231-4.

S. M. Darwish, S. K. Guirguis, and M. M. Ghozlan, “Intrusion detection in role administrated database: Transaction-based approach,” Proc. - 2013 8th Int. Conf. Comput. Eng. Syst. ICCES 2013, no. July 2014, pp. 73–79, 2013, doi: 10.1109/ICCES.2013.6707175.

R. Ramachandran, R. Nidhin, and P. P. Shogil, “Anomaly Detection in Role Administered Relational Databases - A Novel Method,” 2018 Int. Conf. Adv. Comput. Commun. Informatics, ICACCI 2018, pp. 1017–1021, 2018, doi: 10.1109/ICACCI.2018.8554752.

S. Jayaprakash and K. Kandasamy, “Database Intrusion Detection System Using Octraplet and Machine Learning,” Proc. Int. Conf. Inven. Commun. Comput. Technol. ICICCT 2018, no. Icicct, pp. 1413–1416, 2018, doi: 10.1109/ICICCT.2018.8473029.

B. H. Izza, Khaerani. Lekso, “Implementasi Dan Analisa Hasil Data Mining Untuk Klasifikasi Serangan Pada Intrusion Detection (Ids) Dengan Algoritma C4.5,” Techno.COM, vol. 14, no. 3, pp. 181–188, 2015.

C. A. Ronao and S. Cho, “A Comparison of Data Mining Techniques for Anomaly Detection in Relational Databases,” Int’l. Conf. Digit. Soc., no. c, pp. 11–16, 2015, [Online]. Available: http://sclab.yonsei.ac.kr/publications/Papers/IC/2015_ICDS.pdf.

M. Doroudian, N. Arastouie, M. Talebi, and A. R. Ghanbarian, “Multilayered database intrusion detection system for detecting malicious behaviors in big data transaction,” 2015 2nd Int. Conf. Inf. Secur. Cyber Forensics, InfoSec 2015, pp. 105–110, 2016, doi: 10.1109/InfoSec.2015.7435514.

S. J. Bu and S. B. Cho, “A hybrid system of deep learning and learning classifier system for database intrusion detection,” Lect. Notes Comput. Sci. (including Subser. Lect. Notes Artif. Intell. Lect. Notes Bioinformatics), vol. 10334 LNCS, pp. 615–625, 2017, doi: 10.1007/978-3-319-59650-1_52.

S. Anwar, F. Septian, and R. D. Septiana, “Klasifikasi Anomali Intrusion Detection System (IDS) Menggunakan Algoritma Naïve Bayes Classifier dan Correlation-Based Feature Selection,” J. Teknol. Sist. Inf. dan Apl., vol. 2, no. 4, p. 135, 2019, doi: 10.32493/jtsi.v2i4.3453.

S. M. Siadat, M. Rezvani, and H. Shirgahi, “Proposing a secure method for intrusion detection in Amazon EC2 public cloud,” Researchgate.Net, no. January, 2016, [Online]. Available: https://www.researchgate.net/profile/Hossein_Shirgahi/publication/311312293_International_Journal_of_Educational_Advancement_Proposing_a_secure_method_for_intrusion_detection_in_Amazon_EC2_public_cloud/links/584169a008ae61f75dd0e537/International-Journal-.

D. Wagner, “A comprehensive approach to security,” MIT Sloan Manag. Rev., vol. 48, no. 4, p. 8, 2007, doi: 10.1007/11535706.

Refbacks

  • There are currently no refbacks.