THE METHOD OF DETECTING ONLINE PASSWORD ATTACKS BASED ON HIGH-LEVEL PROTOCOL ANALYSIS AND CLUSTERING TECHNIQUES

Nguyen Hong Son¹ and Ha Thanh Dung²

¹Faculty of Information Technology Posts and Telecommunications Institute of Technology, Vietnam 

²Faculty of Information Systems and Remote Sensing Ho Chi Minh City University of Natural Resources and Environments, Vietnam

Abstract 

Although there have been many solutions applied, the safety challenges related to the password security mechanism are not reduced. The reason for this is that while the means and tools to support password attacks are becoming more and more abundant, the number of transaction systems through the Internet is increasing, and new services systems appear. For example, IoT also uses password-based authentication. In this context, consolidating password-based authentication mechanisms is critical, but monitoring measures for timely detection of attacks also play an important role in this battle. The password attack detection solutions being used need to be supplemented and improved to meet the new situation. In this paper we propose a solution that automatically detects online password attacks in a way that is based solely on the network, using unsupervised learning techniques and protected application orientation. Our solution therefore minimizes dependence on the factors encountered by host-based or supervised learning solutions. The certainty of the solution comes from using the results of in-depth analysis of attack characteristics to build the detection capacity of the mechanism. The solution was implemented experimentally on the real system and gave positive results.

Keywords 

Online password attack detection, unsupervised learning, protocol analysis, DBSCAN clustering algorithm 
                       

                                                  Full Text