| dc.description.abstract | This research aims to develop a network attack early detection system by combining the
Local Outlier Factor (LOF) algorithm and Rule-Based System. LOF is used to detect
anomalies based on local data density, enabling high-accuracy identification of outliers
in dynamic and unlabeled network data. This algorithm is able to recognize attack
patterns that are difficult to detect by conventional methods. Meanwhile, the Rule-based
System complements LOF with an “if-then” rule-based approach to recognize specific
attack patterns, improving the accuracy and validation of detection results. The
combination of these two methods aims to minimize false positives and false negatives,
improve response to attacks, and enable automatic mitigation actions. The developed
system was tested using network attack data which includes DoS, Probing, TCP Flood,
and UDP Flood, taken from publicly available datasets. The testing process involves
analyzing the accuracy of the system in detecting and classifying attacks. The results
show that the integration of LOF and Rule-Based System can detect various types of
attacks with good accuracy, minimize detection errors, and provide real-time network
traffic information to users. However, the system still relies on pre-defined rules, which
means that the detection capability of new, unidentified attack patterns may be limited.
The system is also not equipped with an automatic mechanism to prevent attacks once
detected, so it only serves as a monitoring and early detection tool. Therefore, this
research suggests further development by integrating more adaptive machine learning
technologies such as deep learning, as well as the implementation of automated
prevention mechanisms to improve the effectiveness of detection and response to
network threats. | en_US |
