Social networks as a platform for distributed dictionary attack
CIT'11 Proceedings of the 5th WSEAS international conference on Communications and information technology
SSHCure: a flow-based SSH intrusion detection system
AIMS'12 Proceedings of the 6th IFIP WG 6.6 international autonomous infrastructure, management, and security conference on Dependable Networks and Services
Review: A survey of network flow applications
Journal of Network and Computer Applications
Detecting stealthy, distributed SSH brute-forcing
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
This paper describes a novel network-based approach to dictionary attack detection with the ability to recognize a successful attack. We analyzed SSH break-in attempts at the flow level and determined a dictionary attack pattern. This pattern was verified and compared to common SSH traffic to prevent false positives. The SSH dictionary attack pattern was implemented using a decision tree technique. The evaluation was performed in a large high-speed university network with promising results.