Authors :
Mohammed Bello Suleiman; Romanus Robinson; Muhammad Ubale Kiru
Volume/Issue :
Volume 9 - 2024, Issue 7 - July
Google Scholar :
https://tinyurl.com/2rcaz6uh
Scribd :
https://tinyurl.com/2d375tt8
DOI :
https://doi.org/10.38124/ijisrt/IJISRT24JUL160
Abstract :
Reverse brute force attacks pose a significant
threat to the security of online systems, where
adversaries attempt to gain unauthorized access by
systematically testing a multitude of username and
password combinations against a single account. To
address this challenge, the research presents an
innovative Long-Short Term Memory Network based
model designed to detect such attacks. The model utilizes
LSTM algorithms to analyze login attempt patterns,
identifying anomalies that may indicate reverse brute
force attacks. By examining various factors like user
login behavior, IP address, and time-based patterns, the
model distinguishes legitimate access attempts from
potential attacks with high accuracy. It incorporates
real-time threat intelligence feeds and historical data
analysis to continuously adapt and improve its detection
capabilities. The model dynamically adjusts security
parameters, enforces account lockouts, and
communicates with firewall systems to block suspicious
IP addresses, thus providing a proactive response to
thwart attacks. The research evaluates the effectiveness
of the AI model through simulated and real-world testing
scenarios, demonstrating a significant reduction in false
positives and successful prevention of reverse brute force
attacks. Overall, the developed AI model offers a
sophisticated and proactive solution to the evolving
threat of reverse brute force attacks, contributing to the
advancement of cybersecurity measures.
Keywords :
Reverse Brute Force Attacks, Artificial Intelligence (AI), Machine Learning, Proactive Response Mechanism, LSTM.
References :
- Ali, T., & Ghafoor, A. (2019). A hybrid approach for detecting and mitigating reverse brute force attacks. In 2019 International Conference on Computing and Communication Technologies (ICCCT) (pp. 1-6). IEEE.
- Al-musawi, B. Q. M. (2012). Preventing Brute Force Attack Through The Analyzing Log. Iraqi Journal of Science, 53(3), 663–667.
- Ayankoya, F. (2019). Brute-Force Attack Prevention in Cloud Computing Using One-Time Password and Cryptographic Hash Function. International Journal of Computer Science and Information Security, 17(2), 7–19.
- Chen, S. Y., Yoo, S., Fang, Y. L., & Initiative, C. S. (2020). Quantum Long Short-Term Memory. ArXiv.Org, 1, 1–27.
- Gauri, M., & R.Y, I. (2018). A Review on Maintaining Web Applications and Brute Force Attack. International Research Journal Of Multidisciplinary Studies Special Issue On Advancement In Field Of Computer Science And Information Technology, 4(8), 1–8.
- Goodfellow, I. J., Pouget-Abadie, J., Mirza, M., Xu, B., Warde-Farley, D., Ozair, S., Courville, A., & Bengio, Y. (2014). Generative Adversarial Networks. ArXiv. http://arxiv.org/abs/1406.2661
- Hamza, A. A., & Al-janabi, R. J. (2024). Detecting Brute Force Attacks on SSH and FTP Protocol Using Machine Learning : A Survey. Journal of Al-Qadisiyah for Computer Science and Mathematics, 16(1), 21–31.
- Hamza, A. A., Al-janabi, R. J., Kiktenko, E. O., Kudinov, M. A., Fedorov, A. K., Chen, S. Y., Yoo, S., Fang, Y. L., Initiative, C. S., Najafabadi, M. M., Khoshgoftaar, T. M., Kemp, C., Seliya, N., Zuech, R., Al-musawi, B. Q. M., Hynek, K., Beneš, T., Čejka, T., Kubátová, H., … Abdallah, E. E. (2021). Machine Learning for Detecting Brute Force Attacks at the Network Level. Journal of Big Data, 10(2), 1–10. https://doi.org/10.1109/ACCESS.2022.3159339
- Houdt, G. Van, Mosquera, C., & Napoles, G. (2020). A Review on the Long Short-Term Memory Model A Review on the Long Short-Term Memory Model. Artificial Intelligence Review, 4(12). https://doi.org/ 10.1007/s10462-020-09838-1
- Hynek, K., Beneš, T., Čejka, T., Kubátová, H., Hynek, K., Beneš, T., Čejka, T., Kubátová, H., & Detection, R. (2021). Refined Detection of SSH Brute-Force Attackers Using Machine Learning. IFIP International Conference on ICT Systems Security and Privacy Protection (SEC), 49–63. https://doi.org/ 10.1007/978-3-030-58201-2_4 . hal-03440815 HAL
- Javed, M., & Paxson, V. (2013). Detecting Stealthy , Distributed SSH Brute-Forcing. ACM Digital Library, 4(8). https://doi.org/978-1-4503-2477-9/13/11
- Javaid, A., Niyaz, Q., Sun, W., & Alam, M. (2016). A Deep Learning Approach for Network Intrusion Detection System. In Proceedings of the 9th EAI International Conference on Bio-inspired Information and Communications Technologies (BICT '15) (pp. 21-26). https://doi.org/10.1007/978-3-319-31944-8_3
- Jiang, Z., Liao, J., Rong, G., & He, W. (2019). Intrusion Detection Using Deep Learning with an Imbalanced Dataset. KSII Transactions on Internet and Information Systems, 13(4), 1874-1887. https://doi.org/10.3837/tiis.2019.04.015
- Kalash, M., Rochan, M., Mohammed, N., Bruce, N. D. B., Wang, Y., & Iqbal, F. (2018). Malware Classification with Deep Convolutional Neural Networks. 2018 9th IFIP International Conference on New Technologies, Mobility and Security, NTMS 2018 - Proceedings. https://doi.org/10.1109/NTMS. 2018.8328749
- Kaur, J. (2015). Prevention of DDoS and Brute Force Attacks on Web Log Files using Combination of Genetic Algorithm and Feed forward Back Propagation Neural Network. International Journal of Computer Applications, 120(23), 10–13.
- Kiktenko, E. O., Kudinov, M. A., & Fedorov, A. K. (2019). Detecting brute-force attacks on cryptocurrency wallets. ArXiv.Org, 2, 1–10.
- Kasongo, S. M., & Sun, Y. (2019). Performance Analysis of Intrusion Detection Systems Using a Feature Selection Method on the UNSW-NB15 Dataset. Journal of Big Data, 6(1), Article 1. https://doi.org/10.1186/s40537-019-0211-7
- Kim, J., Kim, J., Thu, H. L. T., & Guitart, H. (2016). A Deep Learning Approach for Intrusion Detection with Kernel Behavior Features. In Proceedings of the IEEE International Conference on Information Networking (ICOIN) (pp. 190-195). IEEE. https://doi.org/10.1109/ICOIN.2016.7427080
- Li, Y., Xu, J., Deng, L., & Gao, Y. (2019). A Deep Learning Approach to Real-Time Malicious Traffic Detection in Large-Scale Network. IEEE Access, 7, 174489-174502. https://doi.org/10.1109/ACCESS. 2019.2957228
- Laskodi, A., Molnár, S., & Szebenyi, P. (2020). Evolving honeywords for efficient detection of reverse brute-force attacks. Computers & Security, 92, 101774.
- Laghrissi, F., Douzi, S., Douzi, K., & Hssina, B. (2021). Intrusion detection systems using long short ‑ term memory ( LSTM ). Journal of Big Data, 8(65). https://doi.org/10.1186/s40537-021-00448-4
- Lindemann, B., Müller, T., Vietz, H., Jazdi, N., & Weyrich, M. (2023). A survey on long short-term memory networks for time series prediction Benjamin. CIRP Conference on Intelligent Computation in Manufacturing Engineering, 99(July 2020), 650–655. https://doi.org/10.1016/j.procir. 2021.03.088
- Minaee, S., Kafieh, R., Sonka, M., Yazdani, S., & Jamalipour Soufi, G. (2020). Deep-COVID: Predicting COVID-19 from chest X-ray images using deep transfer learning. Medical Image Analysis, 65. https://doi.org/10.1016/j.media.2020.101794
- Oruh, J., Viriri, S., Member, S., & Adegun, A. (2022). Long Short-Term Memory Recurrent Neural Network for Automatic Speech Recognition. IEEE Access, 10(2022), 30069–30079. https://doi.org/10. 1109/ACCESS.2022.3159339
- Otoom, A. F., Eleisah, W., & Abdallah, E. E. (2023). Deep Learning for Accurate Detection of Brute Force attacks on IoT Networks. 14th International Conference on Ambient Systems, Networks and Technologies (ANT), 220, 291–298. https://doi.org/ 10.1016/j.procs.2023.03.038
- Raikar, M. M., & Meena, S. M. (2021). SSH brute force attack mitigation in Internet of Things ( IoT ) network : An edge device security measure. Second International Conference on Secure Cyber Computing and Communication (ICSCCC), July. https://doi.org/10.1109/ICSCCC51823.2021.9478131
- Vugdelija, N., Nedeljković, N., Kojić, N., Luka Lukić, & Vesić, M. (2022). Review Of Brute-Force Attack And Protection Techniques. Serbian Journal of Technology Belgrade, 2(3), 1–10.
- Wanjau, S. K., Wambugu, G. M., & Kamau, G. N. (2021). SSH-Brute Force Attack Detection Model based on Deep Learning. International Journal of Computer Applications Technology and Research, 10(01), 42–50.
- Yin, C., Zhu, Y., Fei, J., & He, X. (2017). A Deep Learning Approach for Intrusion Detection Using Recurrent Neural Networks. IEEE Access, 5, 21954-21961. https://doi.org/10.1109/ACCESS.2017. 2762418
Reverse brute force attacks pose a significant
threat to the security of online systems, where
adversaries attempt to gain unauthorized access by
systematically testing a multitude of username and
password combinations against a single account. To
address this challenge, the research presents an
innovative Long-Short Term Memory Network based
model designed to detect such attacks. The model utilizes
LSTM algorithms to analyze login attempt patterns,
identifying anomalies that may indicate reverse brute
force attacks. By examining various factors like user
login behavior, IP address, and time-based patterns, the
model distinguishes legitimate access attempts from
potential attacks with high accuracy. It incorporates
real-time threat intelligence feeds and historical data
analysis to continuously adapt and improve its detection
capabilities. The model dynamically adjusts security
parameters, enforces account lockouts, and
communicates with firewall systems to block suspicious
IP addresses, thus providing a proactive response to
thwart attacks. The research evaluates the effectiveness
of the AI model through simulated and real-world testing
scenarios, demonstrating a significant reduction in false
positives and successful prevention of reverse brute force
attacks. Overall, the developed AI model offers a
sophisticated and proactive solution to the evolving
threat of reverse brute force attacks, contributing to the
advancement of cybersecurity measures.
Keywords :
Reverse Brute Force Attacks, Artificial Intelligence (AI), Machine Learning, Proactive Response Mechanism, LSTM.