Password Attack Analysis Over Honeypot Using Machine Learning Password Attack Analysis

Abstract

Developing information and technology has caused the digitization of data in all areas of our lives. While this digitization provides entirely new conveniences, speed, efficiency, and effectiveness in our current life, it also created a new environment, space, and ultimately a risk area for attackers. This new space is called cyberspace. There is a constant struggle between security experts and attackers in cyberspace. However, as in any environment, the attacker is always in an advantageous position. In this fight, the newest approach for security experts to catch attackers is to use technologies based on prediction and detection, such as artificial intelligence, machine learning, artificial neural networks. Only in this way will it be possible to fight tens of thousands of pests that appear every second. This study focuses on detecting password attack types (brute force attack, dictionary attack, and social engineering) on real systems using Cowrie Honeypot. The logs obtained during the said attacks were used in the machine learning algorithm, and subsequent similar attacks were classified with the help of artificial intelligence. Various machine learning algorithms such as Naive Bayes, Decision tree, Random Forest, and Support Vector Machine (SVM) have been used to classify these attacks. As a result of this research, it was determined that the password attacks carried out by the attacker were phishing attacks, dictionary attacks, or brute force attacks with high success rates. Determining the type of password attack will play a critical role in determining the measures to be taken by the target institution to close the vulnerabilities in which the attack can be carried out. It has been evaluated that the study will make significant contributions to cybersecurity and password attacks.