Analysis of a Distributed Denial of Service Mitigation System Using Artificial Neural Network and Convolutional Neural Network on OpenFlow Networks

FINAL PROJECT REPORT

Submitted in Fulfillment of the Requirements for the Degree of Bachelor of Informatics, Universitas Muhammadiyah Malang

Hafida Isnaini

201610370311100

Area of Interest: Networking

INFORMATICS STUDY PROGRAM

FACULTY OF ENGINEERING

UNIVERSITAS MUHAMMADIYAH MALANG

2021

ABSTRACT

Software Defined Networking (SDN) helps solve the problems of traditional networks by using a controller as the central point of control for all network activity. However, the controller, which acts as the configuration center of the SDN network, is highly vulnerable to attack, particularly Distributed Denial of Service (DDoS). This research classifies DDoS attack packets on SDN networks using the Artificial Neural Network (ANN) and Convolutional Neural Network (CNN) methods. The classification results are then used to mitigate incoming attacks. In this research, the author proposes a dataset with a new feature scheme that supports the SDN network environment. The results show that ANN has a shorter detection and mitigation time than the CNN method, at only 0.7 seconds. The highest accuracy was obtained with the CNN method, reaching 96.83%. CPU usage was directly proportional to the packet rate per second used: the higher the packet rate, the greater the load on the controller.

Keywords: Software defined network, ANN, CNN, DDoS, flow mitigation

DEDICATION

Praise be to Allah SWT for His mercy and grace, through which the author was able to complete this final project. The author extends the deepest gratitude to:

1. My beloved parents and family, who always gave me encouragement, advice and their best prayers.

2. Mr. Agus Eko Minarno, S.Kom., M.Kom, as Supervisor 1, and Mr. Fauzi Dwi Setiawan Sumadi, S.T., M.CompSc., as Supervisor 2, who were willing to take the time to guide, help and direct the author.

3. The author's dear friends Pongo, Wahyu, Harris and Ibnu, who never tired of reminding and encouraging me to finish the thesis promptly.

4. Thanks to my thesis colleagues in SDN Oxicusa, who helped and encouraged me throughout the thesis work.

5. Thanks to my friends throughout my studies at Universitas Muhammadiyah Malang.

6. All the friends I cannot mention one by one: thank you very much for your support, help and prayers.

Malang, 4 December 2020

Hafida Isnaini

FOREWORD

With praise and gratitude to Allah SWT for His abundant mercy and guidance, the researcher was able to complete the final project entitled:

“Analysis of a Distributed Denial of Service Mitigation System Using Artificial Neural Network and Convolutional Neural Network on OpenFlow Networks”

This report presents the main topics, covering previous research, the methods used, and the detection and mitigation of DDoS attacks on SDN networks using the ANN and CNN methods.

The researcher is fully aware that this final project still has many shortcomings and limitations. The researcher therefore welcomes constructive suggestions so that this work may benefit the advancement of knowledge.

Malang, 4 December 2020

Hafida Isnaini

Table of Contents

APPROVAL SHEET

ENDORSEMENT SHEET

DECLARATION SHEET

ABSTRACT (INDONESIAN)

ABSTRACT (ENGLISH)

DEDICATION

FOREWORD

Table of Contents

LIST OF FIGURES

LIST OF TABLES

CHAPTER I

1.1. Background

1.2. Problem Statement

1.3. Research Objectives

1.4. Scope and Limitations

1.5. Report Structure

CHAPTER II

2.1. Theoretical Basis

2.2. Software Defined Network

2.3. Software Defined Network Architecture

2.4. Ryu Controller

2.5. OpenFlow

2.6. Mininet

2.7. Wireshark

2.8. Scapy

2.9. Tcpreplay

2.10. Distributed Denial of Service

2.11. Deep Learning Evaluation

2.12. ANN

2.13. CNN

CHAPTER III

3.1. Research Flow

3.2. Problem Analysis

3.3. System Analysis

3.4. Topology Design

3.5. System Design

3.5.1 Dataset Design

3.5.2 Packet Design

3.5.3 Deep Learning Design

3.5.4 Mitigation Design

3.6. Test Scenarios

3.6.1 Calculating Accuracy, Precision, Recall and F1-score

3.6.2 Measuring Flow Rule Installation Time

3.6.3 Measuring Controller Resources

3.6.4 Counting Packet-In Messages

CHAPTER IV

4.1 Implementation

4.1.1 Data Implementation

4.1.2 Deep Learning Design Implementation

4.1.3 Test Implementation

4.2 Test Results

4.2.1 Evaluation of ANN and CNN Model Classification

4.2.2 Packet-In Count Test Results

4.2.3 Flow Rule Installation Time Test Results

4.2.4 CPU Usage Test Results

CHAPTER V

5.1 Conclusion

5.2 Recommendations

REFERENCES

APPENDICES

LIST OF FIGURES

Figure 2.1 Differences between traditional networks and SDN networks

Figure 2.2 SDN architecture

Figure 2.3 Confusion matrix

Figure 2.4 Structure of an Artificial Neural Network

Figure 2.5 Structure of a Convolutional Neural Network

Figure 3.1 Research flow

Figure 3.2 Tree topology design

Figure 3.3 Dataset extraction process

Figure 3.4 Mitigation process flow

Figure 4.1 Command to create UDP DDoS packets

Figure 4.2 Command to create normal UDP packets

Figure 4.3 Command to create the tree topology

Figure 4.4 Command to run Ryu

Figure 4.5 Command to send packets using tcpreplay

Figure 4.6 Source code to run the Ryu controller

Figure 4.7 Command to find the PID of ryu-manager

Figure 4.8 Command to monitor CPU usage

Figure 4.9 Capture of attack packets using Wireshark

Figure 4.10 Example command running tcpreplay at 100 pps

Figure 4.11 Output: attack detection and mitigation time

Figure 4.12 Mitigation flow installed on the switch

Figure 4.13 Bar chart comparing research results

Figure 4.14 Bar chart of Packet-In test results

Figure 4.14 Bar chart of flow rule installation time test results

Figure 4.15 Bar chart of CPU usage test results

LIST OF TABLES

Table 3.1 Hardware requirements

Table 3.2 Software requirements

Table 3.3 List of flow statistic features

Table 3.4 Complete list of features used

Table 3.5 Example of the dataset used

Table 3.6 Flow rule structure

Table 3.7 Confusion matrix calculation

Table 3.8 Comparison of accuracy results

Table 3.9 Flow rule installation time calculation

Table 3.10 CPU usage calculation table

Table 3.11 Packet-in calculation

Table 4.1 Source code to load data

Table 4.2 Source code for data preprocessing

Table 4.3 Source code for to_categorical

Table 4.4 Source code to build the ANN model

Table 4.5 Source code to build the CNN model

Table 4.6 Source code for the training process

Table 4.7 Source code to save the ANN model

Table 4.8 Source code to save the CNN model

Table 4.9 Source code to drop packets

Table 4.10 ANN and CNN model evaluation results

Table 4.11 Comparison of accuracy results with previous research

Table 4.12 Packet-in test results

Table 4.13 Flow rule installation time test results

Table 4.14 Average CPU usage test results

LIST OF APPENDICES

Appendix 1. Script simple_switch_13_flowmitigasi.py

Appendix 2. Script simple_switch_13_flowstatistic.py

Appendix 3. Script cpu_usage.py

Appendix 4. Script generatorcsv.py

Appendix 5. Script compareresult.py

Appendix 6. Script calculateres.py
