Kurnia Putri, Dede
Unknown Affiliation

Published : 1 Documents Claim Missing Document
Claim Missing Document
Check
Articles

Found 1 Documents
Search

Pengembangan Model IDS Berbasis Deep Reinforcement Learning untuk Prediksi dan Mitigasi Serangan Siber Dalam Network Traffic Analysis Martanto; Suarna, Nana; Kurnia Putri, Dede; Mardiana, Ana
Jurnal Teknologi Informasi dan Ilmu Komputer Vol 13 No 3: Juni 2026
Publisher : Fakultas Ilmu Komputer, Universitas Brawijaya

Show Abstract | Download Original | Original Source | Check in Google Scholar | DOI: 10.25126/jtiik.2026133

Abstract

Intrusion Detection System (IDS) merupakan komponen krusial dalam pertahanan jaringan modern, berfungsi mendeteksi dan merespons ancaman siber secara cepat dan akurat. Penelitian ini menawarkan kontribusi baru melalui perancangan lingkungan Markov Decision Process (MDP) yang lebih realistis, integrasi reward shaping adaptif, serta evaluasi komprehensif multi-algoritma Deep Reinforcement Learning (DRL) yaitu Proximal Policy Optimization (PPO), Deep Q-Network (DQN), Advantage Actor-Critic (A2C) dan perbandingannya dengan model supervised learning mutakhir . Dataset CICIDS2017 dan UNSW-NB15 digunakan sebagai sumber data lalu lintas jaringan, mencakup berbagai jenis serangan dan lalu lintas normal. Lingkungan pelatihan dirancang khusus untuk memungkinkan agen DRL belajar melalui interaksi langsung dengan data, dengan reward function yang memandu agen untuk meningkatkan akurasi deteksi dan meminimalkan kesalahan. Metodologi penelitian meliputi perancangan arsitektur model DRL, proses pelatihan selama 200.000 time steps, serta evaluasi kinerja model berdasarkan metrik akurasi, presisi, recall, dan F1-score. Hasil evaluasi menunjukkan DQN mencapai akurasi tertinggi pada pendekatan DRL (89–92%), namun secara keseluruhan model supervised learning seperti Random Forest dan CNN masih melampaui DRL dengan akurasi 98–99%. Temuan ini mengonfirmasi bahwa DRL memiliki potensi kuat dalam adaptasi dinamis, tetapi masih memerlukan optimasi lebih lanjut untuk menyaingi metode supervised pada klasifikasi statis. Penelitian ini juga menghadirkan blueprint integrasi IDS–DRL dengan SOC dan firewall adaptif, yang memberikan landasan implementatif pada sistem keamanan nyata. Penelitian ini berkontribusi pada pengembangan IDS adaptif yang mampu melakukan deteksi dan mitigasi secara real-time dengan tingkat akurasi tinggi. Keterbatasan penelitian mencakup kebutuhan komputasi yang tinggi dan potensi ketidakstabilan pelatihan, yang membuka peluang untuk penelitian lanjutan dengan optimasi arsitektur dan integrasi teknik transfer learning.   Abstract An Intrusion Detection System (IDS) is a crucial component of modern network defense, detecting and responding to cyber threats quickly and accurately. This research proposes the development of a Deep Reinforcement Learning (DRL)-based IDS for cyberattack prediction and mitigation using three main algorithms, namely Proximal Policy Optimization (PPO), Deep Q-Network (DQN), and Advantage Actor-Critic (A2C). The CICIDS2017 dataset is used as a source of network traffic data, covering various types of attacks and normal traffic. The training environment is specifically designed to allow DRL agents to learn through direct interaction with the data, with a reward function that guides the agent to improve detection accuracy and minimize errors. The research methodology includes designing the DRL model architecture, training for 20,000 time steps, and evaluating model performance based on accuracy, precision, recall, and F1-score metrics. The experimental results show that DQN has the best performance with an accuracy of 92.39%, a precision of 91.04%, a recall of 92.39%, and an F1-score of 91.50%, followed by A2C and PPO. Confusion matrix analysis and performance visualization show that DQN excels in detecting majority and minority classes with a low number of false positives and false negatives. Theoretical discussions link the results of this study to the fundamental principles of DRL, where agents learn adaptive detection strategies to attack dynamics, and their relevance to real-world applications such as Security Operation Centers (SOCs) and adaptive firewalls. Comparisons with previous research confirm that the DRL approach can offer significant improvements over traditional IDS and supervised learning methods. This research contributes to the development of an adaptive IDS capable of real-time detection and mitigation with high accuracy. Limitations include high computational requirements and potential training instability, which opens up opportunities for further research with architecture optimization and the integration of transfer learning techniques.