{"id":"https://openalex.org/W4408100430","doi":"https://doi.org/10.1109/ants63515.2024.10898570","title":"BruSSH: Early Detection of Distributed Brute Force SSH Attacks Using LSTM","display_name":"BruSSH: Early Detection of Distributed Brute Force SSH Attacks Using LSTM","publication_year":2024,"publication_date":"2024-12-15","ids":{"openalex":"https://openalex.org/W4408100430","doi":"https://doi.org/10.1109/ants63515.2024.10898570"},"language":"en","primary_location":{"id":"doi:10.1109/ants63515.2024.10898570","is_oa":false,"landing_page_url":"https://doi.org/10.1109/ants63515.2024.10898570","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2024 IEEE International Conference on Advanced Networks and Telecommunications Systems (ANTS)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5110123219","display_name":"N.G. Sharma","orcid":"https://orcid.org/0000-0001-8172-5748"},"institutions":[{"id":"https://openalex.org/I56404289","display_name":"Indian Institute of Technology BHU","ror":"https://ror.org/01kh5gc44","country_code":"IN","type":"education","lineage":["https://openalex.org/I56404289"]},{"id":"https://openalex.org/I91357014","display_name":"Banaras Hindu University","ror":"https://ror.org/04cdn2797","country_code":"IN","type":"education","lineage":["https://openalex.org/I91357014"]}],"countries":["IN"],"is_corresponding":true,"raw_author_name":"Neha Sharma","raw_affiliation_strings":["Indian Institute of Technology (BHU),Computer Science & Engineering,Varanasi,India"],"affiliations":[{"raw_affiliation_string":"Indian Institute of Technology (BHU),Computer Science & Engineering,Varanasi,India","institution_ids":["https://openalex.org/I56404289","https://openalex.org/I91357014"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5006700624","display_name":"Mayank Swarnkar","orcid":"https://orcid.org/0000-0001-7351-0341"},"institutions":[{"id":"https://openalex.org/I91357014","display_name":"Banaras Hindu University","ror":"https://ror.org/04cdn2797","country_code":"IN","type":"education","lineage":["https://openalex.org/I91357014"]},{"id":"https://openalex.org/I56404289","display_name":"Indian Institute of Technology BHU","ror":"https://ror.org/01kh5gc44","country_code":"IN","type":"education","lineage":["https://openalex.org/I56404289"]}],"countries":["IN"],"is_corresponding":false,"raw_author_name":"Mayank Swarnkar","raw_affiliation_strings":["Indian Institute of Technology (BHU),Computer Science & Engineering,Varanasi,India"],"affiliations":[{"raw_affiliation_string":"Indian Institute of Technology (BHU),Computer Science & Engineering,Varanasi,India","institution_ids":["https://openalex.org/I56404289","https://openalex.org/I91357014"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5116482600","display_name":"Md Zuhair","orcid":null},"institutions":[{"id":"https://openalex.org/I56404289","display_name":"Indian Institute of Technology BHU","ror":"https://ror.org/01kh5gc44","country_code":"IN","type":"education","lineage":["https://openalex.org/I56404289"]},{"id":"https://openalex.org/I91357014","display_name":"Banaras Hindu University","ror":"https://ror.org/04cdn2797","country_code":"IN","type":"education","lineage":["https://openalex.org/I91357014"]}],"countries":["IN"],"is_corresponding":false,"raw_author_name":"Md Zuhair","raw_affiliation_strings":["Indian Institute of Technology (BHU),Computer Science & Engineering,Varanasi,India"],"affiliations":[{"raw_affiliation_string":"Indian Institute of Technology (BHU),Computer Science & Engineering,Varanasi,India","institution_ids":["https://openalex.org/I56404289","https://openalex.org/I91357014"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5110123219"],"corresponding_institution_ids":["https://openalex.org/I56404289","https://openalex.org/I91357014"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.33121292,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"6"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9973000288009644,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9973000288009644,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9930999875068665,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12034","display_name":"Digital and Cyber Forensics","score":0.9921000003814697,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7150502800941467},{"id":"https://openalex.org/keywords/brute-force","display_name":"Brute force","score":0.5774774551391602},{"id":"https://openalex.org/keywords/brute-force-attack","display_name":"Brute-force attack","score":0.5728552937507629},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.2420540750026703},{"id":"https://openalex.org/keywords/cryptography","display_name":"Cryptography","score":0.11372935771942139}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7150502800941467},{"id":"https://openalex.org/C2986801135","wikidata":"https://www.wikidata.org/wiki/Q1209494","display_name":"Brute force","level":2,"score":0.5774774551391602},{"id":"https://openalex.org/C207468940","wikidata":"https://www.wikidata.org/wiki/Q869370","display_name":"Brute-force attack","level":3,"score":0.5728552937507629},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.2420540750026703},{"id":"https://openalex.org/C178489894","wikidata":"https://www.wikidata.org/wiki/Q8789","display_name":"Cryptography","level":2,"score":0.11372935771942139}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/ants63515.2024.10898570","is_oa":false,"landing_page_url":"https://doi.org/10.1109/ants63515.2024.10898570","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2024 IEEE International Conference on Advanced Networks and Telecommunications Systems (ANTS)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":0,"referenced_works":[],"related_works":["https://openalex.org/W3188902280","https://openalex.org/W4226466313","https://openalex.org/W3136039078","https://openalex.org/W4382399242","https://openalex.org/W1551862606","https://openalex.org/W2464214798","https://openalex.org/W4402567901","https://openalex.org/W3142500634","https://openalex.org/W2392880310","https://openalex.org/W143968145"],"abstract_inverted_index":{"Secure":[0,6],"Socket":[1],"Shell,":[2,7],"also":[3],"known":[4],"as":[5],"refers":[8],"to":[9,38,103,119,122,141,165],"the":[10,40,61,104,130,153,174,190,201,226,236,261],"cryptographic":[11],"network":[12,188],"protocol":[13],"and":[14,35,47,64,84,86,93,133,146,169,192],"suite":[15],"of":[16,155,195,203,238,263],"implementation":[17],"utilities":[18],"that":[19,254],"helps":[20],"users":[21],"connect":[22],"a":[23,32,182],"computer":[24],"over":[25],"an":[26,44,48,125],"unsecured":[27],"network.":[28],"Although":[29],"SSH":[30,45,49,54,126,198,266],"provides":[31],"strong":[33],"authentication":[34],"encryption":[36],"mechanism":[37],"protect":[39],"data":[41],"shared":[42],"between":[43],"client":[46],"server,":[50],"cybercriminals":[51],"relentlessly":[52],"exploit":[53],"servers":[55,74,78],"through":[56],"brute":[57],"force":[58],"attacks":[59,68,99,138],"using":[60,81,90,209],"common":[62],"username":[63,132],"password":[65,134],"combinations.":[66,135],"These":[67],"are":[69,75,117,139],"still":[70],"prevalent":[71],"because":[72,108,143],"many":[73],"misconfigured;":[76],"some":[77,87],"might":[79],"be":[80,89],"default":[82],"usernames":[83,92],"passwords,":[85],"can":[88],"predictable":[91],"easily":[94],"guessed":[95],"passwords.":[96],"Moreover,":[97],"these":[98],"pose":[100],"significant":[101],"challenges":[102],"existing":[105],"detection":[106,157,194,262],"methods":[107],"attackers":[109],"use":[110],"distributed":[111,196,264],"brute-forcing":[112,137],"in":[113,260],"which":[114,163,180],"multiple":[115],"sources":[116],"involved":[118],"repeatedly":[120],"attempt":[121],"log":[123],"into":[124],"server":[127],"by":[128],"guessing":[129],"possible":[131],"Distributed":[136],"harder":[140],"detect":[142],"IP":[144,228],"addresses":[145,229],"port":[147],"numbers":[148],"change":[149],"every":[150],"time.":[151],"Additionally,":[152],"majority":[154],"traditional":[156],"systems":[158],"rely":[159],"on":[160],"post-event":[161],"analysis,":[162],"leads":[164],"delayed":[166],"response":[167],"times":[168],"increased":[170],"vulnerability.":[171],"To":[172,234],"overcome":[173],"aforementioned":[175],"problems,":[176],"we":[177,205,242],"present":[178],"BruSSH,":[179],"utilizes":[181],"Long":[183],"Short-Term":[184],"Memory":[185],"(LSTM)":[186],"neural":[187],"for":[189,217],"early":[191],"accurate":[193],"brute-force":[197,265],"attacks.":[199,267],"Leveraging":[200],"capabilities":[202],"LSTM,":[204],"train":[206],"our":[207,239,255],"model":[208],"cumulative":[210],"login":[211,220],"failure":[212,221],"counts":[213],"per":[214],"event,":[215],"allowing":[216],"forecasting":[218],"future":[219],"counts.":[222],"Furthermore,":[223],"BruSSH":[224,244],"identifies":[225],"suspicious":[227],"associated":[230],"with":[231,245],"malicious":[232],"activity.":[233],"verify":[235],"validity":[237],"proposed":[240],"method,":[241],"tested":[243],"two":[246],"publicly":[247],"available":[248],"datasets.":[249],"The":[250],"experimental":[251],"results":[252,259],"show":[253],"method":[256],"achieves":[257],"favorable":[258]},"counts_by_year":[],"updated_date":"2025-12-28T23:10:05.387466","created_date":"2025-10-10T00:00:00"}