Bambang Setiawan (middle), recipient of Doctorate at ITS, with his family, external examiners, and his colleagues after an open session of doctoral promotion at the ITS Informatics Engineering Department

ITS Campus, ITS News – The increasing high risk of hacking phenomenon in digital technology devices in all sectors leads to the urgency of security protection, one of which is the Intrusion Detection System (IDS). But due to the many shortcomings, a doctoral graduate of Institut Teknologi Sepuluh Nopember (ITS) conducted a research to improve the system’s deficiencies.

He is Bambang Setiawan who underwent the doctoral program at ITS Informatics Engineering, who presented research for his dissertation during the Doctoral Promotion Session in mid-February.

Bambang explained that to maintain computer network security, the Intrusion Detection system is needed. This intrusion detection is a method used to detect suspicious activity in a system or network. “So far, many IDS models have been developed, but in the process still produces false negatives,” he indicated.

Bambang explained that false negative is when a program states a symptom, even though it does not exist. He also added that another weakness found was the inability of the system to detect all types of attacks.

Through his research, this lecturer of the ITS Information Systems Department is trying to build a new approach to the IDS model through a combination of processes. The first is the normalization process, i.e. changing values ​​on the same scale. “In normalization, rounding behind the comma is not given much attention, so it becomes a gap that needs to be discussed further,” stated this bespectacled man.

Bambang Setiawan, recipient of Doctorate at ITS, when presenting his dissertation at the Doctoral Promotion Session at the ITS Informatics Engineering Department

In his research, this 50-year-old lecturer tried to be more careful with the numbers behind the comma, as to avoid changing the value of mutual information from the features processed.

Next is to apply methods of feature selection for imbalanced classes or the imbalance of the amount of data between two different classes. “The aim is to get features that better support the detection of minority classes or very small amounts of data,” he identified.

Lastly, Bambang continued, is the merging of three classifiers namely Centroid-based Classification (CBC), Support Vector Machine (SVM) with optimization of RBF kernel parameters (SVM-OP), and also SMV with optimization of class weights (SMV-OW) with the ensemble approach voting that is able to validate attacks predicted as normal or false negative network traffic.

Bambang also revealed that this research is still basic and definitely needs further research. The results of this study, which gained him a Doctorate at ITS, are still in the form of modeling and will be tested later on in the actual network. “I want to justify and apply this IDS model in other cases,” he concluded. (meg/ory/ITS Public Relations)