Volume 11, Number 6

The Method of Detecting Online Password Attacks Based on High-level Protocol Analysis
and Clustering Techniques


Nguyen Hong Son1 and Ha Thanh Dung2, 1Posts and Telecommunications Institute of Technology, Vietnam and 2Ho Chi Minh City University of Natural Resources and Environments, Vietnam


Although there have been many solutions applied, the safety challenges related to the password security mechanism are not reduced. The reason for this is that while the means and tools to support password attacks are becoming more and more abundant, the number of transaction systems through the Internet is increasing, and new services systems appear. For example, IoT also uses password-based authentication. In this context, consolidating password-based authentication mechanisms is critical, but monitoring measures for timely detection of attacks also play an important role in this battle. The password attack detection solutions being used need to be supplemented and improved to meet the new situation. In this paper we propose a solution that automatically detects online password attacks in a way that is based solely on the network, using unsupervised learning techniques and protected application orientation. Our solution therefore minimizes dependence on the factors encountered by host-based or supervised learning solutions. The certainty of the solution comes from using the results of in-depth analysis of attack characteristics to build the detection capacity of the mechanism. The solution was implemented experimentally on the real system and gave positive results.


Online password attack detection, unsupervised learning, protocol analysis, DBSCAN clustering algorithm