Detection of HTTPS brute-force attacks in high-speed computer networks
This thesis presents a review of flow-based network threat detection, with the focus on brute-force attacks against popular web applications, such as WordPress and Joomla. A new dataset was created that consists of benign backbone network traffic and brute-force attacks generated with open-source attack tools. The thesis proposes a method for brute-force attack detection that is based on packet-level characteristics and uses modern machine-learning models. Also, it works with encrypted HTTPS traffic, even without decrypting the payload. More and more network traffic is being encrypted, and it is crucial to update our intrusion detection methods to maintain at least some level of network visibility.
- …