Visible to the public Biblio

Filters: Keyword is brute-force  [Clear All Filters]
2021-03-09
Hossain, M. D., Ochiai, H., Doudou, F., Kadobayashi, Y..  2020.  SSH and FTP brute-force Attacks Detection in Computer Networks: LSTM and Machine Learning Approaches. 2020 5th International Conference on Computer and Communication Systems (ICCCS). :491—497.

Network traffic anomaly detection is of critical importance in cybersecurity due to the massive and rapid growth of sophisticated computer network attacks. Indeed, the more new Internet-related technologies are created, the more elaborate the attacks become. Among all the contemporary high-level attacks, dictionary-based brute-force attacks (BFA) present one of the most unsurmountable challenges. We need to develop effective methods to detect and mitigate such brute-force attacks in realtime. In this paper, we investigate SSH and FTP brute-force attack detection by using the Long Short-Term Memory (LSTM) deep learning approach. Additionally, we made use of machine learning (ML) classifiers: J48, naive Bayes (NB), decision table (DT), random forest (RF) and k-nearest-neighbor (k-NN), for additional detection purposes. We used the well-known labelled dataset CICIDS2017. We evaluated the effectiveness of the LSTM and ML algorithms, and compared their performance. Our results show that the LSTM model outperforms the ML algorithms, with an accuracy of 99.88%.

2020-09-04
Laatansa, Saputra, Ragil, Noranita, Beta.  2019.  Analysis of GPGPU-Based Brute-Force and Dictionary Attack on SHA-1 Password Hash. 2019 3rd International Conference on Informatics and Computational Sciences (ICICoS). :1—4.
Password data in a system usually stored in hash. Various human-caused negligence and system vulnerability can make those data fall in the hand of those who isn't entitled to or even those who have malicious purpose. Attacks which could be done on the hashed password data using GPGPU-based machine are for example: brute-force, dictionary, mask-attack, and word-list. This research explains about effectivity of brute-force and dictionary attack which done on SHA-l hashed password using GPGPU-based machine. Result is showing that brute-force effectively crack more password which has lower set of character, with over 11% of 7 or less characters passwords vs mere 3 % in the dictionary attack counterpart. Whereas dictionary attack is more effective on cracking password which has unsecure character pattern with 5,053 passwords vs 491 on best brute-force attack scenario. Usage of combined attack method (brute-force + dictionary) gives more balanced approach in terms of cracking whether the password is long or secure patterned string.