云计算中基于k-最近邻(k-NN)和决策树的FTP和SSH密码暴力攻击检测比较

IF 1.3 Q4 COMPUTER SCIENCE, ARTIFICIAL INTELLIGENCE

International Journal of Innovative Computing Information and Control Pub Date : 2023-05-30 DOI:10.11113/ijic.v13n1.386

Muhammad Fakrullah Kamarudin Shah, Marina Md-Arshad, Adlina Abdul Samad, Fuad A. Ghaleb

{"title":"云计算中基于k-最近邻(k-NN)和决策树的FTP和SSH密码暴力攻击检测比较","authors":"Muhammad Fakrullah Kamarudin Shah, Marina Md-Arshad, Adlina Abdul Samad, Fuad A. Ghaleb","doi":"10.11113/ijic.v13n1.386","DOIUrl":null,"url":null,"abstract":"Cloud computing represents a new epoch in computing. From huge enterprises to individual use, cloud computing always provides an answer. Therefore, cloud computing must be readily accessible and scalable, and customers must pay only for the resources they consume rather than for the entire infrastructure. With such conveniences, come with their own threat especially brute force attacks since the resources are available publicly online for the whole world to see. In a brute force attack, the attacker attempts every possible combination of username and password to obtain access to the system. This study aims to examine the performance of the k-Nearest Neighbours (k-NN) and Decision Tree algorithms by contrasting their precision, recall, and F1 score. This research makes use of the CICIDS2017 dataset, which is a labelled dataset produced by the Canada Institute for Cybersecurity. A signature for the brute force attack is utilised with an Intrusion Detection System (IDS) to detect the attack. This strategy, however, is ineffective when a network is being attacked by a novel or unknown attack or signature. At the conclusion of the study, the performance of both algorithms is evaluated by comparing their precision, recall, and f1 score. The results show that Decision Tree performs slightly better than k-NN at classifying FTP and SSH attacks.","PeriodicalId":50314,"journal":{"name":"International Journal of Innovative Computing Information and Control","volume":"49 1","pages":""},"PeriodicalIF":1.3000,"publicationDate":"2023-05-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Comparing FTP and SSH Password Brute Force Attack Detection using k-Nearest Neighbour (k-NN) and Decision Tree in Cloud Computing\",\"authors\":\"Muhammad Fakrullah Kamarudin Shah, Marina Md-Arshad, Adlina Abdul Samad, Fuad A. Ghaleb\",\"doi\":\"10.11113/ijic.v13n1.386\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Cloud computing represents a new epoch in computing. From huge enterprises to individual use, cloud computing always provides an answer. Therefore, cloud computing must be readily accessible and scalable, and customers must pay only for the resources they consume rather than for the entire infrastructure. With such conveniences, come with their own threat especially brute force attacks since the resources are available publicly online for the whole world to see. In a brute force attack, the attacker attempts every possible combination of username and password to obtain access to the system. This study aims to examine the performance of the k-Nearest Neighbours (k-NN) and Decision Tree algorithms by contrasting their precision, recall, and F1 score. This research makes use of the CICIDS2017 dataset, which is a labelled dataset produced by the Canada Institute for Cybersecurity. A signature for the brute force attack is utilised with an Intrusion Detection System (IDS) to detect the attack. This strategy, however, is ineffective when a network is being attacked by a novel or unknown attack or signature. At the conclusion of the study, the performance of both algorithms is evaluated by comparing their precision, recall, and f1 score. The results show that Decision Tree performs slightly better than k-NN at classifying FTP and SSH attacks.\",\"PeriodicalId\":50314,\"journal\":{\"name\":\"International Journal of Innovative Computing Information and Control\",\"volume\":\"49 1\",\"pages\":\"\"},\"PeriodicalIF\":1.3000,\"publicationDate\":\"2023-05-30\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"International Journal of Innovative Computing Information and Control\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.11113/ijic.v13n1.386\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q4\",\"JCRName\":\"COMPUTER SCIENCE, ARTIFICIAL INTELLIGENCE\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"International Journal of Innovative Computing Information and Control","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.11113/ijic.v13n1.386","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q4","JCRName":"COMPUTER SCIENCE, ARTIFICIAL INTELLIGENCE","Score":null,"Total":0}

引用次数: 0

摘要

云计算代表了计算的新时代。从大型企业到个人使用，云计算总能提供一个答案。因此，云计算必须易于访问和扩展，并且客户必须仅为他们消耗的资源付费，而不是为整个基础设施付费。有了这样的便利，他们自己的威胁也随之而来，尤其是暴力攻击，因为资源是公开的，全世界都可以看到。在暴力攻击中，攻击者尝试所有可能的用户名和密码组合来获得对系统的访问权。本研究旨在通过比较k-最近邻(k-NN)和决策树算法的精度、召回率和F1分数来检验它们的性能。本研究使用了CICIDS2017数据集，这是加拿大网络安全研究所制作的标记数据集。暴力攻击的签名与入侵检测系统(IDS)一起用于检测攻击。然而，当网络受到新的或未知的攻击或签名攻击时，这种策略是无效的。在研究结束时，通过比较两种算法的精度、召回率和f1分数来评估它们的性能。结果表明，决策树对FTP和SSH攻击的分类性能略好于k-NN。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Comparing FTP and SSH Password Brute Force Attack Detection using k-Nearest Neighbour (k-NN) and Decision Tree in Cloud Computing

Cloud computing represents a new epoch in computing. From huge enterprises to individual use, cloud computing always provides an answer. Therefore, cloud computing must be readily accessible and scalable, and customers must pay only for the resources they consume rather than for the entire infrastructure. With such conveniences, come with their own threat especially brute force attacks since the resources are available publicly online for the whole world to see. In a brute force attack, the attacker attempts every possible combination of username and password to obtain access to the system. This study aims to examine the performance of the k-Nearest Neighbours (k-NN) and Decision Tree algorithms by contrasting their precision, recall, and F1 score. This research makes use of the CICIDS2017 dataset, which is a labelled dataset produced by the Canada Institute for Cybersecurity. A signature for the brute force attack is utilised with an Intrusion Detection System (IDS) to detect the attack. This strategy, however, is ineffective when a network is being attacked by a novel or unknown attack or signature. At the conclusion of the study, the performance of both algorithms is evaluated by comparing their precision, recall, and f1 score. The results show that Decision Tree performs slightly better than k-NN at classifying FTP and SSH attacks.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

International Journal of Innovative Computing Information and Control 工程技术-计算机：人工智能

CiteScore

3.20

自引率

20.00%

发文量

审稿时长

4.3 months

期刊介绍： The primary aim of the International Journal of Innovative Computing, Information and Control (IJICIC) is to publish high-quality papers of new developments and trends, novel techniques and approaches, innovative methodologies and technologies on the theory and applications of intelligent systems, information and control. The IJICIC is a peer-reviewed English language journal and is published bimonthly