
Outlier Detection in Secure Shell Honeypot using Particle Swarm Optimization Technique


Affiliations
1 Department of Computer Science, SRMV College of Arts and Science, Coimbatore-20, India
2 Department of Computer Applications, SRMV College of Arts and Science, Coimbatore-20, India
3 Department of Computer Science, Avinashilingam Institute for Home Science and Higher Education for Women University, Coimbatore-43, India
 

With advancing trends, technologies, developments and deployments, network communication has become vital and inevitable for human beings. On the other hand, network communication without security is powerless. Many technologies and developments have been rooted to provide a secure and efficient means of communication over networks. In parallel, network threats and attacks have also become prevalent and technologically advanced. To detect such threats and attacks, this research work proposes honeypot technology. A honeypot is a supplemented active defense system for network security. It traps attacks, records intrusion information about the tools and activities of the hacking process, and prevents outbound attacks from the compromised system. This research work implements a kind of honeypot called a Secure Shell (SSH) honeypot. The SSH honeypot is a secure communication channel which allows users to remotely control computer systems. With the SSH honeypot implemented, this research work collects the incoming and outgoing traffic data in a network. The collected traffic data can then be analyzed to detect outliers in order to find abnormal or malicious traffic. This research work detects outliers in the collected SSH honeypot data using the Particle Swarm Optimization technique, which belongs to the category of cluster-based outlier detection methods. In the experiments, Particle Swarm Optimization shows the best results in detecting outliers and has the best cost function when compared with other cluster-based algorithms such as the Genetic Algorithm and the Differential Evolution algorithm.

Keywords

Differential Evolution, Genetic Algorithm, Honeypots, Particle Swarm Optimization, Secure Shell.
Authors

M. Sithara
Department of Computer Science, SRMV College of Arts and Science, Coimbatore-20, India
M. Chandran
Department of Computer Applications, SRMV College of Arts and Science, Coimbatore-20, India
G. Padmavathi
Department of Computer Science, Avinashilingam Institute for Home Science and Higher Education for Women University, Coimbatore-43, India
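
The cluster-based outlier detection summarized in the abstract, as an added Python example that is not the authors' code: a global-best PSO searches for cluster centroids over constructed honeypot session features, and sessions far from every centroid are flagged. The two features, the cost function, the PSO parameters and the distance threshold are all assumptions, since the abstract specifies none of them.

```python
import math
import random

# Constructed (login attempts, commands issued) rows; the last two are planted anomalies.
SESSIONS = [(3, 1), (4, 2), (5, 1), (3, 2), (4, 1), (5, 2), (4, 3), (30, 20),
            (32, 22), (31, 21), (29, 19), (33, 20), (30, 23), (31, 18), (60, 2), (2, 45)]

def scale(rows):
    """Min-max scale each feature to [0, 1] so neither dominates the distance."""
    lo, hi = [min(c) for c in zip(*rows)], [max(c) for c in zip(*rows)]
    return [tuple((v - l) / (h - l) for v, l, h in zip(r, lo, hi)) for r in rows]

def nearest(point, cents):
    """Distance from a point to its closest centroid."""
    return min(math.dist(point, c) for c in cents)

def split(flat, k):
    """Cut a flat particle position (coordinates interleaved) into k centroids."""
    return [tuple(flat[i::k]) for i in range(k)]

def cost(flat, points, k):
    """Assumed cost function: total distance of points to their nearest centroid."""
    cents = split(flat, k)
    return sum(nearest(p, cents) for p in points)

def pso_centroids(points, k=2, particles=40, iters=200, w=0.7, c1=1.5, c2=1.5, seed=7):
    """Global-best PSO over centroid positions; every parameter is an assumption."""
    rng, dim = random.Random(seed), k * len(points[0])
    pos = [[rng.random() for _ in range(dim)] for _ in range(particles)]
    vel = [[0.0] * dim for _ in range(particles)]
    pbest, pcost = [p[:] for p in pos], [cost(p, points, k) for p in pos]
    gcost, gbest = min(zip(pcost, pbest))            # best particle of the initial swarm
    for _ in range(iters):
        for i in range(particles):
            for j in range(dim):
                vel[i][j] = (w * vel[i][j]
                             + c1 * rng.random() * (pbest[i][j] - pos[i][j])
                             + c2 * rng.random() * (gbest[j] - pos[i][j]))
                pos[i][j] = min(1.0, max(0.0, pos[i][j] + vel[i][j]))  # stay in [0, 1]
            c = cost(pos[i], points, k)
            if c < pcost[i]:
                pbest[i], pcost[i] = pos[i][:], c    # new personal best
            if c < gcost:
                gbest, gcost = pos[i][:], c          # new global best
    return split(gbest, k), gcost

def outliers(points, cents, threshold=0.4):
    """Indices of sessions farther than threshold from every centroid."""
    return [i for i, p in enumerate(points) if nearest(p, cents) > threshold]
```

Summing plain rather than squared distances in the cost keeps a single distant session from pulling a centroid out of a dense cluster, which is what lets the distance threshold separate the planted rows.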
