TY - GEN
T1 - Clustering of SSH brute-force attack logs using k-clique percolation
AU - Studiawan, Hudan
AU - Pratomo, Baskoro Adi
AU - Anggoro, Radityo
N1 - Publisher Copyright:
© 2016 IEEE.
PY - 2017/4/24
Y1 - 2017/4/24
N2 - Brute-force attacks on the SSH service still persist in server environments. The existing methods have not applied graph theory to analyze the authentication log that records this attack. Therefore, we model the log as a graph and propose k-clique percolation to cluster the auth.log file to assist system administrators in inspecting this incident. The k-clique percolation has been proven in the clustering of biological networks and we will deploy it to this problem. We then provide the mechanism for edge removal to separate the generated clusters and make the clustering outputs clear. The experimental results show that this approach is appropriate to cluster raw logs of SSH brute-force attacks.
AB - Brute-force attacks on the SSH service still persist in server environments. The existing methods have not applied graph theory to analyze the authentication log that records this attack. Therefore, we model the log as a graph and propose k-clique percolation to cluster the auth.log file to assist system administrators in inspecting this incident. The k-clique percolation has been proven in the clustering of biological networks and we will deploy it to this problem. We then provide the mechanism for edge removal to separate the generated clusters and make the clustering outputs clear. The experimental results show that this approach is appropriate to cluster raw logs of SSH brute-force attacks.
KW - SSH brute-force attack
KW - event log clustering
KW - k-clique percolation
UR - http://www.scopus.com/inward/record.url?scp=85019406288&partnerID=8YFLogxK
U2 - 10.1109/ICTS.2016.7910269
DO - 10.1109/ICTS.2016.7910269
M3 - Conference contribution
AN - SCOPUS:85019406288
T3 - Proceedings of 2016 International Conference on Information and Communication Technology and Systems, ICTS 2016
SP - 39
EP - 42
BT - Proceedings of 2016 International Conference on Information and Communication Technology and Systems, ICTS 2016
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 2016 International Conference on Information and Communication Technology and Systems, ICTS 2016
Y2 - 12 October 2016
ER -