By Dimas Aditya
A Bachelor’s Thesis Submitted to the Faculty of INFORMATION TECHNOLOGY
in partial fulfillment of the requirements for the Degree of
BACHELOR OF SCIENCES
WITH A MAJOR IN INFORMATION TECHNOLOGY
SWISS GERMAN UNIVERSITY Campus German Centre Bumi Serpong Damai – 15321
Island of Java, Indonesia
www.sgu.ac.id
July 2009
STATEMENT BY THE AUTHOR
I hereby declare that this submission is my own work and to the best of my knowledge, it contains no material previously published or written by another person, nor material which to a substantial extent has been accepted for the award of any other degree or diploma at any educational institution, except where due acknowledgement is made in the thesis.
_______________________________________ ________________
Dimas Aditya, CEH Date
Approved by:
________________________________________ __________________
Prof. Dr. Ir. Richardus Eko Indrajit, M.Sc. MBA. MA. MPhil Date
________________________________________ __________________
James Purnama. M.Sc. Date
______________________________________ _________________
Chairman of the Examination Steering Committee Date
ABSTRACT
IMPLEMENTATION OF WEB MINING TECHNOLOGY TO INVESTIGATE THE HACKING TECHNIQUES AND INTRUSION ATTEMPT RELATIONSHIP.
CASE STUDY: IDSIRTII.
By
Dimas Aditya
SWISS GERMAN UNIVERSITY Bumi Serpong Damai
Prof. Dr. Ir. Richardus Eko Indrajit, M.Sc. MBA. MA. MPhil, Thesis Advisor James Purnama, M.Sc., Thesis Co-Advisor
The number of Indonesian internet users has grown rapidly over the past 5 years, to the point that more than thirty million Indonesian people are connected to the internet for business, education, entertainment, and other social interaction purposes. Internet cyber attacks have also increased along with the number of emerging exploits, hacking tools and information.
Based on that situation, IDSIRTII (Indonesia Security Incident Response Team) wants to conduct further investigation to find the relationship between emerging hacking information and tutorials on Indonesian hacker community websites and the cyber attack patterns detected by ID-SIRTII. The result of this research is needed to create new solutions that regulate hacking information flows in the media.
Two kinds of approaches are needed to find the relationship: Nutch web mining tools are used to find related contents, and deep observations of hacking community websites are used to find community member characteristics, types of posts, and information trends.
The research found that there are relationships and phenomena of emerging hacking
DEDICATION
I dedicate this thesis to my god Allah SWT, my beloved parents who support me all the time, my sister Ayu Nindya Sari, my lovely girlfriend Tyas Wuri Handayani, my best friends Rinaldi Yulius, Lina Setiawan, Nani Yasmin, Chairunnisa, and Henry, all of my lecturers from the first semester until this semester, all of my fellow students of batch 2005, and all the people who cannot be listed here who gave me support during my study and my thesis completion.
ACKNOWLEDGMENTS
The author wishes to express my thankfulness to Allah SWT for His blessings and guidance during my study in Swiss German University.
I would also like to convey my gratitude to my thesis advisor and co-advisor, Prof. Dr. Ir. Richardus Eko Indrajit, M.Sc. MBA. MA. MPhil and James Purnama, M.Sc. for providing their valuable time in guiding and giving tutorial to me. It is my pride to work together with both of you.
To Dipl. Ing. Kho I Eng, as the new Dean of Information Technology Faculty, thank you for approving this thesis and supporting me until the completion of this thesis.
To Prof. Dr. Peter Pscheid, as the Rector of Swiss German University, thank you for giving me guidance to prepare my bachelor’s thesis in a proper manner.
To Mrs. Nona and Mr. Farhan, thank you for the support and for providing me with the materials, books, and journals.
To all people in ID-SIRTII, thank you for your cooperation in providing me with what was needed for this thesis.
To Mr. Anto Satriyo Nugroho, thank you for providing all information related to web mining.
To my parents, thank you for supporting me until the completion of this thesis.
To my girlfriend, thank you for supporting me every day.
To all of those who participated in finishing this thesis, thank you for your support and attention.
TABLE OF CONTENTS
LIST OF TABLES
LIST OF FIGURES
CHAPTER 1 INTRODUCTION
1.1. Background
1.2. Research Problems
1.3. Research Purposes
1.4. Significance of Study
1.5. Scope and Limitation
1.6. Research Questions
1.7. Research Propositions
1.8. Thesis Structure
CHAPTER 2 LITERATURE REVIEW
2.1. Web Content Mining
2.2. History of Intrusion Attack
2.3. Intrusion Detection
2.4. Hacker Definition
CHAPTER 3 METHODOLOGIES
3.1. Research Paradigm
3.2. Research Procedure and Mechanism
3.3. Sourcefire Data Gathering Phase
3.4. Web Mining Phase by Using Nutch 0.9
CHAPTER 4 RESULT AND DISCUSSION
4.1. Indonesian Internet Profile and Security Issues
4.2. Hacker in Social Community Relationship
4.2. Pattern Phenomena of Attack
4.3. Attack Motivation
4.4. Hacker Tendency
4.5. Crawling Result
4.6. Indonesian Internet Traffic Log Analyze Phase
CHAPTER 5 CONCLUSION AND RECOMMENDATION
5.1. New Findings
5.2. Propose Approach to Detect and Prevent Attacks
5.3. Future Works
5.4. Conclusion