SSH-Brute Force Attack Detection Model based on Deep Learning

Abstract

The rising number of malicious threats on computer networks and Internet services owing to a large number of attacks makes the network security be at incessant risk. One of the predominant network attacks that poses distressing threats to networks security are the brute force attacks. A brute force attack uses a trial and error algorithm to decode encrypted data such as passwords or Data Encryption Standard keys, through exhaustive effort (using brute force) rather than using intellectual strategies. Brute force attacks resemble legitimate network traffic, making it difficult to defend an organization that rely mainly on perimeter-based security solutions a major challenge. For stopping the occurrence of such attacks, several curable steps must be taken. This paper proposes an efficient mechanism for SSH-Brute force network attacks detection based on a supervised deep learning algorithm, Convolutional Neural Network. The model performance was compared with experimental results from 5 classical machine learning algorithms including Naive Bayes, Logistic Regression, Decision Tree, k-Nearest Neighbour, and Support Vector Machine. Four standard metrics namely, Accuracy, Precision, Recall, and the F-measure were used. Results show that the CNN-based model is superior to the traditional machine learning methods with 94.3% accuracy, a precision rate of 92.5%, recall rate of 97.8% and F1-score of 91.8% in terms of the ability to detect SSH-Brute force attacks.