INTRUSION DETECTION SYSTEM IN SECURE SHELL TRAFFIC IN CLOUD ENVIRONMENT
Mehdi Barati, Azizol Abdullah, NurIzura Udzir, Mostafa Behzadi, Ramlan Mahmod and Norwati Mustapha
DOI : 10.3844/jcssp.2014.2029.2036
Journal of Computer Science
Volume 10, Issue 10
Due to growth of Cloud computing usage, the need to apply encrypted protocols to provide confidentiality and integrity of data increases dramatically. Attacker can take advantage of these protocols to hide the intrusion and evade detection. Many traditional attack detection techniques have been proposed to provide security in the networks but none of them can be implemented properly in encrypted networks. This study investigates a popular attack in Secure Shell (SSH), known as brute force attack and provides an efficient method to detect this attack. Brute force attack is launched by implementing a client-server SSH model in a private Cloud environment and the traffics regarding attack and normal are captured on the server. Then, representative features of traffic are extracted and used by the Multi-Layer Perceptron model of Artificial Neural Network to classify the attack and normal traffic. Results gained by this method show that the proposed model is successfully capable to detect this attack with high accuracy and low false alarm.
© 2014 Mehdi Barati, Azizol Abdullah, NurIzura Udzir, Mostafa Behzadi, Ramlan Mahmod and Norwati Mustapha. This is an open access article distributed under the terms of the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original author and source are credited.