Network Log-Based SSH...(Computers, Materials & Continua, 2021.03)
Paper Title
Network Log-Based SSH Brute-Force Attack Detection Model
Abstract
The rapid advancement of IT technology has enabled the quick
discovery, sharing and collection of quality information, but has also increased
cyberattacks at a fast pace at the same time. There exists no means to block
these cyberattacks completely, and all security policies need to consider the
possibility of external attacks. Therefore, it is crucial to reduce external attacks
through preventative measures. In general, since routers located in the upper
part of a firewall can hardly be protected by security systems, they are exposed
to numerous unblocked cyberattacks. Routers block unnecessary services and
accept necessary ones while taking appropriate measures to reduce vulnerability,
block unauthorized access, and generate relevant logs. Most logs created
through unauthorized access are caused by SSH brute-force attacks, and
therefore IP data of the attack can be collected through the logs. This paper
proposes a model to detect SSH brute-force attacks through their logs, collect
their IP address, and control access from that IP address. In this paper, we
present a model that extracts and fragments the specific data required from
the packets of collected routers in order to detect indiscriminate SSH input
attacks. To do so, the model multiplies a user’s access records in each packet
by weights and adds them to the blacklist according to a final calculated result
value. In addition, the model can specify the internal IP of an attack attempt
and defend against the first 29 destination IP addresses attempting the attack.
Paper Information
Jeonghoon Park1, Jinsu Kim1, B. B. Gupta2 and Namje Park1,*
1Department of Convergence Information Security, Graduate School, Jeju National University, Jeju, 63243, Korea
2Department of Computer Engineering, National Institute of Technology Kurukshetra, Kurukshetra, 136119, India
*Corresponding Author: Namje Park. Email: namjepark@jejunu.ac.kr
Computers, Materials & Continua, Tech Science Press
DOI:10.32604/cmc.2021.015172