dc.contributor.author: González González, Silvia
dc.contributor.author: Herrero Cosío, Álvaro
dc.contributor.author: Sedano Franco, Javier
dc.contributor.author: Zurutuza Ortega, Urko
dc.contributor.author: Corchado Rodríguez, Emilio Santiago
dc.date.accessioned: 2017-09-05T10:58:55Z
dc.date.available: 2017-09-05T10:58:55Z
dc.date.issued: 2016
dc.identifier.citation: LOGIC JOURNAL OF THE IGPL. Volume 24 (1), pp. 104-114. Oxford Journals.
dc.identifier.issn: 1367-0751
dc.identifier.uri: http://hdl.handle.net/10366/134246
dc.description.abstract: The Secure Shell Protocol (SSH) is a well-known standard protocol, mainly used for remotely accessing shell accounts on Unix-like operating systems to perform administrative tasks. As a result, the SSH service has been an appealing target for attackers, aiming to guess root passwords performing dictionary attacks or to directly exploit the service itself. To identify such situations, this article addresses the detection of SSH anomalous connections from an intrusion detection perspective. The main idea is to compare several strategies and approaches for a better detection of SSH-based attacks. To test the classification performance of different classifiers and combinations of them, SSH data coming from a real-world honeynet are gathered and analysed. For comparison purposes and to draw conclusions about data collection, both packet-based and flow data are analysed. A wide range of classifiers and ensembles are applied to these data, as well as different validation schemes for better analysis of the obtained results. The high-rate classification results lead to positive conclusions about the identification of malicious SSH connections.
dc.format.mimetype: application/pdf
dc.language.iso: en
dc.publisher: Oxford Journals
dc.rights: Attribution-NonCommercial-NoDerivs 3.0 Unported
dc.rights.uri: https://creativecommons.org/licenses/by-nc-nd/3.0/
dc.subject: Computer Science
dc.title: Different approaches for the detection of SSH anomalous connections
dc.type: info:eu-repo/semantics/article
dc.rights.accessRights: info:eu-repo/semantics/openAccess



Except where otherwise noted, this item's license is described as Attribution-NonCommercial-NoDerivs 3.0 Unported