PENGEMBANGAN WEB APPLICATION FIREWALL BERBASIS MACHINE LEARNING MENGGUNAKAN PSO-SVM DENGAN PENDEKATAN HYBRID: SIGNATURE DAN ANOMALY BASED

Pratama, Novandi Kevin (2024) PENGEMBANGAN WEB APPLICATION FIREWALL BERBASIS MACHINE LEARNING MENGGUNAKAN PSO-SVM DENGAN PENDEKATAN HYBRID: SIGNATURE DAN ANOMALY BASED. Undergraduate thesis, UPN Veteran Jawa Timur.

[img] Text (Cover)
20081010005_Cover .pdf
Download (2MB)
[img] Text (Bab 1)
20081010005-Bab1.pdf
Download (193kB)
[img] Text (Bab 2)
20081010005-Bab2.pdf
Restricted to Repository staff only until 16 October 2026.
Download (627kB)
[img] Text (Bab 3)
20081010005-Bab3.pdf
Restricted to Repository staff only until 16 October 2026.
Download (720kB)
[img] Text (Bab 4)
20081010005-Bab4.pdf
Restricted to Repository staff only until 16 October 2026.
Download (2MB)
[img] Text (Bab 5)
20081010005-Bab5.pdf
Download (186kB)
[img] Text (Daftar Pustaka)
20081010005-DaftarPustaka.pdf
Download (192kB)

Abstract

The use of web applications is essential in education and business, facilitating access to online learning and team communication. However, web application security becomes crucial due to the increasing number of users and the sensitive data stored. Attacks such as SQL Injection threaten web applications that do not properly validate user input. A Web Application Firewall (WAF) protects web applications using signature-based and anomaly-based approaches. Signature-based detection identifies attacks based on known patterns but is ineffective against new attacks. Anomaly-based detection identifies suspicious patterns using machine learning but is slow for real-time detection. A hybrid approach combines both methods to cover each other's weaknesses. This research implements PSO-SVM to improve attack detection on HTTP requests. The combination of signature-based and anomaly-based approaches, optimized using PSO, aims to enhance the detection of new attacks and reduce the number of successful attacks. Evaluation is conducted with various testing scenarios, utilizing a fitness function to optimize SVM parameters. The final results show a significant improvement in attack detection and security system performance. From various testing scenarios, the most optimal model achieved an average accuracy of 97.80%. However, the evaluation of the best model's speed shows that the anomaly-based method with PSO-SVM has a slower detection time compared to the signature-based method, with the fastest detection time difference between the methods reaching up to 8.98 ms. Nonetheless, the advantage of the anomaly-based method in detecting new attacks still provides a crucial contribution to maintaining system security.

Item Type: Thesis (Undergraduate)
Contributors:
ContributionContributorsNIDN/NIDKEmail
Thesis advisorJunaidi, AchmadNIDN0710117803achmadjunaidi.if@upnjatim.ac.id
Thesis advisorNurlaili, Afina LinaNIDN0013129303afina.lina.if@upnjatim.ac.id
Subjects: T Technology > T Technology (General)
Divisions: Faculty of Computer Science > Departemen of Informatics
Depositing User: NOVANDI KEVIN PRATAMA
Date Deposited: 21 Oct 2024 09:02
Last Modified: 21 Oct 2024 09:02
URI: https://repository.upnjatim.ac.id/id/eprint/31342

Actions (login required)

View Item View Item