Internet Forensics Framework Based-on Clustering

Abstract

Internet network attacks are complicated and worth studying. These attacks include Denial of Service (DoS) attacks, which exploit vulnerabilities found in operating systems, network services and applications. An indicator of a DoS attack is that legitimate users cannot access the system. This paper proposes a framework for Internet-based forensic logs that aims to assist the investigation process in revealing DoS attacks. The framework consists of several steps, including logging to a text file and a database and identifying an attack based on the packet header length. After identification, the logs are grouped with the k-means clustering algorithm into three levels of attack (dangerous, rather dangerous and not dangerous) based on the port numbers and TCP flags of the packets. In testing, the proposed framework grouped the logs into the three attack levels and found the attacker with a success rate of 89.02%, so it can be concluded that the proposed framework meets the goals set in this research.

Authors and Affiliations

Imam Riadi, Jazi Istiyanto, Ahmad Ashari, Subanar

  • EP ID EP88333
  • DOI 10.14569/IJACSA.2013.041217

How To Cite

Imam Riadi, Jazi Istiyanto, Ahmad Ashari, Subanar (2013). Internet Forensics Framework Based-on Clustering. International Journal of Advanced Computer Science & Applications, 4(12), 115-123. https://europub.co.uk/articles/-A-88333