A Cluster-based Approach Towards Detecting and Modeling Network Dictionary Attacks

In this paper, we provide an approach to detect network dictionary attacks using a data set collected as flows, based on which a clustered graph is produced. These flows provide an aggregated view of the network traffic in which the exchanged packets in the network are considered so that more interna...


Bibliographic Details
Main Authors: A. Tajari Siahmarzkooh, J. Karimpour, S. Lotfi
Format: Article
Language: English
Published: D. G. Pylarinos 2016-12-01
Series: Engineering, Technology & Applied Science Research
Online Access: https://etasr.com/index.php/ETASR/article/view/937
ISSN: 2241-4487, 1792-8036
Author affiliations: A. Tajari Siahmarzkooh, J. Karimpour and S. Lotfi are all with the Department of Computer Science, University of Tabriz, Tabriz, Iran
Description: In this paper, we provide an approach to detect network dictionary attacks using a data set collected as flows, based on which a clustered graph is produced. These flows provide an aggregated view of the network traffic in which the exchanged packets in the network are considered so that more internally connected nodes would be clustered. We show that dictionary attacks could be detected through some parameters, namely the number and the weight of clusters in time series and their evolution over time. Additionally, the Markov model based on the average weight of clusters will also be created. Finally, by means of our suggested model, we demonstrate that artificial clusters of the flows are created for normal and malicious traffic. The results of the proposed approach on the CAIDA 2007 data set suggest a high accuracy for the model and, therefore, it provides a proper method for detecting the dictionary attack.
Keywords: intrusion detection, Markov chain, graph clustering, dictionary attack