TCP FIN Flood Attack Pattern Recognition on Internet of Things with Rule Based Signature Analysis

Authors

  • Deris Stiawan, Universitas Sriwijaya
  • Dimas Wahyudi, Universitas Sriwijaya
  • Ahmad Heryanto, Universitas Sriwijaya
  • Samsuryadi Samsuryadi, Universitas Sriwijaya
  • Mohd. Yazid Idris, Universiti Teknologi Malaysia
  • Farkhana Muchtar, School of Computing, Universiti Teknologi Malaysia
  • Mohammed Abdullah Alzahrani, Albaha University
  • Rahmat Budiarto, Albaha University

DOI:

https://doi.org/10.3991/ijoe.v15i07.9848

Abstract


The focus of this research is TCP FIN flood attack pattern recognition in Internet of Things (IoT) networks using a rule-based signature analysis method. The dataset is collected under three scenarios: normal, attack and normal-attack. Identification and recognition of the TCP FIN flood attack pattern is based on observation and analysis of packet attributes from raw data (pcap) using a feature extraction and feature selection method. Further testing was conducted using Snort as an IDS. The results of the confusion matrix detection rate evaluation against Snort as an IDS show the average percentage of the precision level.

Published

2019-04-15

How to Cite

Stiawan, D., Wahyudi, D., Heryanto, A., Samsuryadi, S., Idris, M. Y., Muchtar, F., Abdullah Alzahrani, M., & Budiarto, R. (2019). TCP FIN Flood Attack Pattern Recognition on Internet of Things with Rule Based Signature Analysis. International Journal of Online and Biomedical Engineering (iJOE), 15(07), pp. 124–139. https://doi.org/10.3991/ijoe.v15i07.9848

Issue

Section

Papers