Detecting Brute Force Attacks on SSH and FTP Protocol Using Machine Learning: A Survey

Abstract

The significance of detecting network traffic anomalies in cybersecurity cannot be overstated, especially given the increasing frequency and complexity of computer network attacks. As new Internet-related technologies emerge, so do more intricate attacks. One particularly daunting challenge is represented by dictionary-based brute-force attacks, which require effective real- time detection and mitigation methods. In this paper, we investigate Secure Shell or Secure Socket Shell, is a network protocol that gives users, particularly system administrators, a secure way to access a computer over an unsecured network(SSH)and File Transfer Protocol is a standard network protocol used for the transfer of files from one host to another over a TCP-based network, such as the Internet (FTP) brute-force attack detection by using Our research focuses on using the machine learning approach to detect SSH and FTP brute-force attacks. A reasonably thorough investigation of machine learners' efficacy in identifying brute force assaults on SSH and FTP is made possible by employing several classifiers. Brute-force assaults are a popular and risky method of obtaining usernames and passwords. Applying ethical hacking is an excellent technique to examine the effects of a brute-force assault. This article discusses many defense strategies and approaches to using brute-force assaults. The pros and cons of several defense strategies are enumerated, along with information on which kind of assault is easiest to identify. we made use of machine learning classifiers: Naive Bayes, Random Forest, Logistic Regression, we determined that the Random Forest algorithm achieved the highest level with an accuracy the contribution lies in demonstrating the feasibility of training and evaluating basic Random Forest models with two independent variables to classify CSE-CIC-IDS2018 dataset.