Security on a local area network (LAN) deserves close attention. A firewall, as the network's general security device, cannot fully detect suspicious (malicious) activity on the LAN. One method for indicating the presence of malicious activity is to monitor the number of ARP Broadcast Request activities on the LAN. In this final project, a system is built to identify malicious host activity on a LAN by identifying and visualizing ARP Broadcast Request data. The main components of the system are network devices, servers, and hosts. Identification proceeds by collecting data, processing data, visualizing data, and uploading the visualization results to the web. The ARP Broadcast Request data is transformed into a graph of nodes and edges, which is then processed through clustering and filtering based on edge weight, node weighted out-degree, and node out-degree to determine the IP addresses indicated as malicious host activity. The resulting system identifies nodes indicated as malicious hosts. Nodes identified as malicious hosts have many edges and are visualized with a larger size and a redder color than other nodes. The execution time required in the data processing stage ranges from 5 seconds to 7 seconds with a data retrieval duration of 58 minutes.
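The graph-and-filter step described above, as an added example that is not the project's own code: each ARP request becomes a directed edge from the asking host to the address it asks for, and hosts are flagged on edge weight, out-degree, and weighted out-degree. The tcpdump-style input format, the function names, and the threshold values are assumptions; the clustering and visualization stages are left out.

```python
import re
from collections import Counter

# Constructed tcpdump-style sample (assumed input format, not project data):
# .50 asks for 20 different addresses, .10 asks for its gateway 6 times.
SAMPLE_CAPTURE = "\n".join(
    [f"10:00:{i:02d}.000000 ARP, Request who-has 192.168.1.{i} tell 192.168.1.50, length 28"
     for i in range(1, 21)]
    + ["10:01:00.000000 ARP, Request who-has 192.168.1.1 tell 192.168.1.10, length 28"] * 6
    + ["10:02:00.000000 ARP, Request who-has 192.168.1.10 tell 192.168.1.1, length 28"] * 2
    + ["10:03:00.000000 ARP, Reply 192.168.1.1 is-at 00:11:22:33:44:55, length 28"]
)

ARP_REQUEST = re.compile(
    r"ARP, Request who-has (\d{1,3}(?:\.\d{1,3}){3}) tell (\d{1,3}(?:\.\d{1,3}){3})"
)

def build_graph(capture_text):
    """Return {(asker, target): weight}; weight counts repeated requests."""
    edges = Counter()
    for line in capture_text.splitlines():
        match = ARP_REQUEST.search(line)
        if match:  # replies and non-ARP lines are ignored
            target, asker = match.groups()
            edges[(asker, target)] += 1
    return edges

def node_metrics(edges):
    """Return {node: (out_degree, weighted_out_degree)} for every asking host."""
    out_degree, weighted = Counter(), Counter()
    for (asker, _target), weight in edges.items():
        out_degree[asker] += 1       # distinct addresses asked for
        weighted[asker] += weight    # total requests sent
    return {node: (out_degree[node], weighted[node]) for node in out_degree}

def flag_hosts(edges, min_edge_weight=1, min_out_degree=5, min_weighted_out_degree=5):
    """Filter edges by weight, then flag hosts over both node thresholds.

    The default thresholds are illustrative assumptions, not the project's values.
    """
    kept = {edge: w for edge, w in edges.items() if w >= min_edge_weight}
    return sorted(
        node for node, (degree, weighted) in node_metrics(kept).items()
        if degree >= min_out_degree and weighted >= min_weighted_out_degree
    )

if __name__ == "__main__":
    graph = build_graph(SAMPLE_CAPTURE)
    print(node_metrics(graph))
    print("flagged:", flag_hosts(graph))
```

A host that repeats one request many times gets a high weighted out-degree but an out-degree of 1, which is why the two node metrics are checked together.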
Copyrights © 2022