Litcius/Paper detail

SSH and FTP brute-force Attacks Detection in Computer Networks: LSTM and Machine Learning Approaches

Md Delwar Hossain, Hideya Ochiai, Doudou Fall, Youki Kadobayashi

20202020 5th International Conference on Computer and Communication Systems (ICCCS)55 citationsDOI

Abstract

Network traffic anomaly detection is of critical importance in cybersecurity due to the massive and rapid growth of sophisticated computer network attacks. Indeed, the more new Internet-related technologies are created, the more elaborate the attacks become. Among all the contemporary high-level attacks, dictionary-based brute-force attacks (BFA) present one of the most unsurmountable challenges. We need to develop effective methods to detect and mitigate such brute-force attacks in realtime. In this paper, we investigate SSH and FTP brute-force attack detection by using the Long Short-Term Memory (LSTM) deep learning approach. Additionally, we made use of machine learning (ML) classifiers: J48, naive Bayes (NB), decision table (DT), random forest (RF) and k-nearest-neighbor (k-NN), for additional detection purposes. We used the well-known labelled dataset CICIDS2017. We evaluated the effectiveness of the LSTM and ML algorithms, and compared their performance. Our results show that the LSTM model outperforms the ML algorithms, with an accuracy of 99.88%.

Topics & Concepts

Computer scienceBrute forceBrute-force attackNaive Bayes classifierFile Transfer ProtocolMachine learningArtificial intelligenceRandom forestTable (database)C4.5 algorithmThe InternetData miningComputer securitySupport vector machineOperating systemCryptographyNetwork Security and Intrusion DetectionInternet Traffic Analysis and Secure E-votingAdvanced Malware Detection Techniques