Muhammad Fakrullah Kamarudin Shah, Marina Md-Arshad, Adlina Abdul Samad, Fuad A. Ghaleb
{"title":"云计算中基于k-最近邻(k-NN)和决策树的FTP和SSH密码暴力攻击检测比较","authors":"Muhammad Fakrullah Kamarudin Shah, Marina Md-Arshad, Adlina Abdul Samad, Fuad A. Ghaleb","doi":"10.11113/ijic.v13n1.386","DOIUrl":null,"url":null,"abstract":"Cloud computing represents a new epoch in computing. From huge enterprises to individual use, cloud computing always provides an answer. Therefore, cloud computing must be readily accessible and scalable, and customers must pay only for the resources they consume rather than for the entire infrastructure. With such conveniences, come with their own threat especially brute force attacks since the resources are available publicly online for the whole world to see. In a brute force attack, the attacker attempts every possible combination of username and password to obtain access to the system. This study aims to examine the performance of the k-Nearest Neighbours (k-NN) and Decision Tree algorithms by contrasting their precision, recall, and F1 score. This research makes use of the CICIDS2017 dataset, which is a labelled dataset produced by the Canada Institute for Cybersecurity. A signature for the brute force attack is utilised with an Intrusion Detection System (IDS) to detect the attack. This strategy, however, is ineffective when a network is being attacked by a novel or unknown attack or signature. At the conclusion of the study, the performance of both algorithms is evaluated by comparing their precision, recall, and f1 score. The results show that Decision Tree performs slightly better than k-NN at classifying FTP and SSH attacks.","PeriodicalId":50314,"journal":{"name":"International Journal of Innovative Computing Information and Control","volume":null,"pages":null},"PeriodicalIF":1.3000,"publicationDate":"2023-05-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Comparing FTP and SSH Password Brute Force Attack Detection using k-Nearest Neighbour (k-NN) and Decision Tree in Cloud Computing\",\"authors\":\"Muhammad Fakrullah Kamarudin Shah, Marina Md-Arshad, Adlina Abdul Samad, Fuad A. Ghaleb\",\"doi\":\"10.11113/ijic.v13n1.386\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Cloud computing represents a new epoch in computing. From huge enterprises to individual use, cloud computing always provides an answer. Therefore, cloud computing must be readily accessible and scalable, and customers must pay only for the resources they consume rather than for the entire infrastructure. With such conveniences, come with their own threat especially brute force attacks since the resources are available publicly online for the whole world to see. In a brute force attack, the attacker attempts every possible combination of username and password to obtain access to the system. This study aims to examine the performance of the k-Nearest Neighbours (k-NN) and Decision Tree algorithms by contrasting their precision, recall, and F1 score. This research makes use of the CICIDS2017 dataset, which is a labelled dataset produced by the Canada Institute for Cybersecurity. A signature for the brute force attack is utilised with an Intrusion Detection System (IDS) to detect the attack. This strategy, however, is ineffective when a network is being attacked by a novel or unknown attack or signature. At the conclusion of the study, the performance of both algorithms is evaluated by comparing their precision, recall, and f1 score. The results show that Decision Tree performs slightly better than k-NN at classifying FTP and SSH attacks.\",\"PeriodicalId\":50314,\"journal\":{\"name\":\"International Journal of Innovative Computing Information and Control\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":1.3000,\"publicationDate\":\"2023-05-30\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"International Journal of Innovative Computing Information and Control\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.11113/ijic.v13n1.386\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q4\",\"JCRName\":\"COMPUTER SCIENCE, ARTIFICIAL INTELLIGENCE\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"International Journal of Innovative Computing Information and Control","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.11113/ijic.v13n1.386","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q4","JCRName":"COMPUTER SCIENCE, ARTIFICIAL INTELLIGENCE","Score":null,"Total":0}
Comparing FTP and SSH Password Brute Force Attack Detection using k-Nearest Neighbour (k-NN) and Decision Tree in Cloud Computing
Cloud computing represents a new epoch in computing. From huge enterprises to individual use, cloud computing always provides an answer. Therefore, cloud computing must be readily accessible and scalable, and customers must pay only for the resources they consume rather than for the entire infrastructure. With such conveniences, come with their own threat especially brute force attacks since the resources are available publicly online for the whole world to see. In a brute force attack, the attacker attempts every possible combination of username and password to obtain access to the system. This study aims to examine the performance of the k-Nearest Neighbours (k-NN) and Decision Tree algorithms by contrasting their precision, recall, and F1 score. This research makes use of the CICIDS2017 dataset, which is a labelled dataset produced by the Canada Institute for Cybersecurity. A signature for the brute force attack is utilised with an Intrusion Detection System (IDS) to detect the attack. This strategy, however, is ineffective when a network is being attacked by a novel or unknown attack or signature. At the conclusion of the study, the performance of both algorithms is evaluated by comparing their precision, recall, and f1 score. The results show that Decision Tree performs slightly better than k-NN at classifying FTP and SSH attacks.
期刊介绍:
The primary aim of the International Journal of Innovative Computing, Information and Control (IJICIC) is to publish high-quality papers of new developments and trends, novel techniques and approaches, innovative methodologies and technologies on the theory and applications of intelligent systems, information and control. The IJICIC is a peer-reviewed English language journal and is published bimonthly