SSH Bruteforce Attack Classification using Machine Learning

Marco Ariano Kristyanto, Ice Krisnahati, Franky Rawung, Dzhillan Dzhalila, Bima Dinda Nurwibawa, Wisnu Murti, Baskoro Adi Pratomo, Ary Mazharuddin Shiddiqi

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

1 Citation (Scopus)

Abstract

One of the problems in computer network security is intrusion detection. To detect intrusions, we need a NIDS (Network Intrusion Detection System). One example of a NIDS is a honeypot. In this research, we use a Kippo honeypot as an IDS. In this paper, honeypot logs are used to classify SSH attacks using machine learning. The research used the original dataset from Kippo's log as the primary source for classifying SSH attacks. We implement four classification algorithms: Decision Tree, Naive Bayes, SVM, and Random Forest. Our research found that Decision Tree (DT) and Random Forest (RF) have the same score and better accuracy than Naive Bayes and SVM. The accuracy and F1 score of RF and DT are 0.92 and 0.92, respectively.

Original language: English
Title of host publication: 2022 10th International Conference on Information and Communication Technology, ICoICT 2022
Publisher: Institute of Electrical and Electronics Engineers Inc.
Pages: 116-119
Number of pages: 4
ISBN (Electronic): 9781665481656
Publication status: Published - 2022
Event: 10th International Conference on Information and Communication Technology, ICoICT 2022 - Virtual, Online, Indonesia
Duration: 2 Aug 2022 to 3 Aug 2022

Publication series

Name: 2022 10th International Conference on Information and Communication Technology, ICoICT 2022

Conference

Conference: 10th International Conference on Information and Communication Technology, ICoICT 2022
Country/Territory: Indonesia
City: Virtual, Online
Period: 2/08/22 to 3/08/22

Keywords

  • Classification
  • SSH
  • SSH attack
  • honeypot
  • kippo
  • machine learning
