Portal de Periódicos da CAPES

INTRUSION DETECTION SYSTEM IN SECURE SHELL TRAFFIC IN CLOUD ENVIRONMENT

2014; Science Publications; Volume: 10; Issue: 10 Linguagem: Inglês

10.3844/jcssp.2014.2029.2036

1552-6607

Mehdi Barati, Azizol Abdullah, Nur Izura Udzir, Mostafa Behzadi, Ramlan Mahmod, Aida Mustapha,

Advanced Malware Detection Techniques

Due to growth of Cloud computing usage, the need to apply encrypted protocols to provide confidentiality and integrity of data increases dramatically. Attacker can take advantage of these protocols to hide the intrusion and evade detection. Many traditional attack detection techniques have been proposed to provide security in the networks but none of them can be implemented properly in encrypted networks. This study investigates a popular attack in Secure Shell (SSH), known as brute force attack and provides an efficient method to detect this attack. Brute force attack is launched by implementing a client-server SSH model in a private Cloud environment and the traffics regarding attack and normal are captured on the server. Then, representative features of traffic are extracted and used by the Multi-Layer Perceptron model of Artificial Neural Network to classify the attack and normal traffic. Results gained by this method show that the proposed model is successfully capable to detect this attack with high accuracy and low false alarm.