TY - GEN
T1 - SSH Bruteforce Attack Classification using Machine Learning
AU - Kristyanto, Marco Ariano
AU - Krisnahati, Ice
AU - Rawung, Franky
AU - Dzhalila, Dzhillan
AU - Nurwibawa, Bima Dinda
AU - Murti, Wisnu
AU - Adi Pratomo, Baskoro
AU - Shiddiqi, Ary Mazharuddin
N1 - Publisher Copyright:
© 2022 IEEE.
PY - 2022
Y1 - 2022
N2 - One of the problems in computer network security is Intrusion Detection. To detect it, we need a NIDS (Network Intrusion Detection System). One example of NIDS is a honeypot. In this research, we use a Kippo honeypot as an IDS. In this paper, honeypot logs are used for classifying SSH attacks using machine learning. The research used the original dataset from Kippo's log as the primary source to classify the SSH attack. We implement four classification algorithms: Decision Tree, Naive Bayes, SVM, and Random Forest. Our research found that Decision Tree (DT) and Random Forest (RF) have the same score and better accuracy than Naive Bayes and SVM. The accuracy and F1 score of RF and DT are 0.92 and 0.92, respectively.
AB - One of the problems in computer network security is Intrusion Detection. To detect it, we need a NIDS (Network Intrusion Detection System). One example of NIDS is a honeypot. In this research, we use a Kippo honeypot as an IDS. In this paper, honeypot logs are used for classifying SSH attacks using machine learning. The research used the original dataset from Kippo's log as the primary source to classify the SSH attack. We implement four classification algorithms: Decision Tree, Naive Bayes, SVM, and Random Forest. Our research found that Decision Tree (DT) and Random Forest (RF) have the same score and better accuracy than Naive Bayes and SVM. The accuracy and F1 score of RF and DT are 0.92 and 0.92, respectively.
KW - Classification
KW - SSH
KW - SSH attack
KW - honeypot
KW - kippo
KW - machine learning
UR - http://www.scopus.com/inward/record.url?scp=85141637673&partnerID=8YFLogxK
U2 - 10.1109/ICoICT55009.2022.9914864
DO - 10.1109/ICoICT55009.2022.9914864
M3 - Conference contribution
AN - SCOPUS:85141637673
T3 - 2022 10th International Conference on Information and Communication Technology, ICoICT 2022
SP - 116
EP - 119
BT - 2022 10th International Conference on Information and Communication Technology, ICoICT 2022
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 10th International Conference on Information and Communication Technology, ICoICT 2022
Y2 - 2 August 2022 through 3 August 2022
ER -