SSHCure: A Flow-Based SSH Intrusion Detection System

Cited by: 0
Authors
Hellemons, Laurens [1]
Hendriks, Luuk [1]
Hofstede, Rick [1]
Sperotto, Anna [1]
Sadre, Ramin [1]
Pras, Aiko [1]
Affiliation
[1] Univ Twente, Ctr Telemat & Informat Technol CTIT, Fac Elect Engn Math & Comp Sci EEMCS, Design & Anal Commun Syst DACS, NL-7500 AE Enschede, Netherlands
DOI
Not available
Chinese Library Classification number
TP31 [Computer Software];
Discipline classification code
081202 ; 0835 ;
Abstract
SSH attacks are a main area of concern for network managers, due to the danger associated with a successful compromise. Detecting these attacks, and possibly compromised victims, is therefore a crucial activity. Most existing network intrusion detection systems designed for this purpose rely on the inspection of individual packets and, hence, do not scale to today's high-speed networks. To overcome this issue, this paper proposes SSHCure, a flow-based intrusion detection system for SSH attacks. It employs an efficient algorithm for the real-time detection of ongoing attacks and allows identification of compromised attack targets. A prototype implementation of the algorithm, including a graphical user interface, is implemented as a plugin for the popular NfSen monitoring tool. Finally, the detection performance of the system is validated with empirical traffic data.
Pages: 86 - 97
Page count: 12
Related papers
50 in total
  • [21] FlowGANAnomaly: Flow-Based Anomaly Network Intrusion Detection with Adversarial Learning
    Zeyi LI
    Pan WANG
    Zixuan WANG
    Chinese Journal of Electronics, 2024, 33 (01) : 58 - 71
  • [22] Real-Time and Resilient Intrusion Detection: A Flow-Based Approach
    Hofstede, Rick
    Pras, Aiko
    DEPENDABLE NETWORKS AND SERVICES, 2012, 7279 : 109 - 112
  • [23] FlowTransformer: A transformer framework for flow-based network intrusion detection systems
    Manocchio, Liam Daly
    Layeghy, Siamak
    Lo, Wai Weng
    Kulatilleke, Gayan K.
    Sarhan, Mohanad
    Portmann, Marius
    EXPERT SYSTEMS WITH APPLICATIONS, 2024, 241
  • [24] Automated Flow-based Rule Generation for Network Intrusion Detection Systems
    Fallahi, Naser
    Sami, Ashkan
    Tajbakhsh, Morteza
    2016 24TH IRANIAN CONFERENCE ON ELECTRICAL ENGINEERING (ICEE), 2016, : 1948 - 1953
  • [25] SIPS: A stateful and flow-based intrusion prevention system for email applications
    Cheng, Bo-Chao
    Chen, Ming-Jen
    Chu, Yuan-Sun
    Chen, Andrew
    Yap, Sujadi
    Fan, Kuo-Pao
    NETWORK AND PARALLEL COMPUTING, PROCEEDINGS, 2007, 4672 : 334 - 343
  • [26] Analyzing Flow-based Anomaly Intrusion Detection using Replicator Neural Networks
    Cordero, Carlos Garcia
    Hauke, Sascha
    Muhlhauser, Max
    Fischert, Mathias
    2016 14TH ANNUAL CONFERENCE ON PRIVACY, SECURITY AND TRUST (PST), 2016,
  • [27] Feature Selection for Flow-based Intrusion Detection Using Rough Set Theory
    Beer, Frank
    Buehler, Ulrich
    PROCEEDINGS OF THE 2017 IEEE 14TH INTERNATIONAL CONFERENCE ON NETWORKING, SENSING AND CONTROL (ICNSC 2017), 2017, : 617 - 624
  • [28] A Flow-based Entropy Characterization of a NATed Network and its Application on Intrusion Detection
    Crichigno, J.
    Kfoury, E.
    Bou-Harb, E.
    Ghani, N.
    Prieto, Y.
    Vega, C.
    Pezoa, J.
    Huang, C.
    Torres, D.
    ICC 2019 - 2019 IEEE INTERNATIONAL CONFERENCE ON COMMUNICATIONS (ICC), 2019,
  • [29] Investigating on the robustness of flow-based intrusion detection system against adversarial samples using Generative Adversarial Networks
    Duy, Phan The
    Khoa, Nghi Hoang
    Hien, Do Thi Thu
    Hoang, Hien Do
    Pham, Van-Hau
    JOURNAL OF INFORMATION SECURITY AND APPLICATIONS, 2023, 74
  • [30] A New Method for Flow-Based Network Intrusion Detection Using the Inverse Potts Model
    Pontes, Camila F. T.
    de Souza, Manuela M. C.
    Gondim, Joao J. C.
    Bishop, Matt
    Marotta, Marcelo Antonio
    IEEE TRANSACTIONS ON NETWORK AND SERVICE MANAGEMENT, 2021, 18 (02) : 1125 - 1136