Anomaly-based intrusion detection and prevention system on website usage using rule-growth sequential pattern analysis: Case study: Statistics of Indonesia (BPS) website

Websites are now widely used by many public and private sectors known to be the most popular system that is able to reach many users in many platforms through internet. Since websites are generally placed as a public domain, there is a large chance of intruders to compromise the system at any time. C-panel raw access log data nowadays widely used by many security tools to analysis the user behaviors regarding to the activities on the web, however they commonly provide the descriptive analysis, rather than prescriptive analysis for prediction and estimation. In this paper, we introduce the solution about the website security protection mechanism by investigating the user behaviors using sequential rule-pattern analysis. Rule-patterns of user behaviors are created by mining the log data with sequential pattern analysis in near real time. Using anomaly-based intrusion detection and prevention system approach, our proposed system then can predict the user behaviors activities whether identified as baseline patterns or malicious patterns.