Author:
Satria E,Huda T P S,Iqbal M,Sarjana F W
Abstract
Abstract
The attack of brute force is still one of the popular attacks used to hack into your account unauthorized by a computer system. Brute force is also the most crucial attack and has a high risk of the system being taken over. Investigating brute force attacks is useful for building strong computer network defense systems. In this study, Snort acts as an intrusion prevention system and Cowrie Honeypot as a tool to investigate anomalous behavior that occurs when a brute force attack happened. The aim of this research is to improve Snort's rule signature performance from brute force attacks by relying on the results of the Cowrie Honeypot log investigation. The results obtained, namely Snort rule signature successfully improved detection capabilities with performance in matching the same packet only requires a short processing time, respectively: 3.5 microsecs in Hydra attacks, 3.8 microsecs in Medusa attacks and 2.3 microsecs in Ncrack attacks.
Reference17 articles.
1. Brute-force and dictionary attack on hashed real-world passwords;Bošnjak,2018
2. A Study of Passwords and Methods Used in Brute-Force SSH Attacks;Owens,2007
Cited by
3 articles.
订阅此论文施引文献
订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献