Abstract :
With trends and technologies, developments and deployments, network communication has become vital and
inevitable with human beings. On the other side, a network communication without security is powerless. There are so many technologies and developments have been rooted to provide a secure and an efficient means of communication through network. Parallel to this, network threats and attacks are also trendy and much technologized. In order to detect such a kind of threats and attacks, this research work proposes honeypot technology. Honeypot is a supplemented active defense system for network security. It traps attacks, records intrusion information about tools and activities of the hacking process, and prevents attacks outbound from the
compromised system. This research work implements a kind of honeypot called Secure Shell (SSH) honeypot.
SSH honeypot is a secure communication channel which allows users to remotely control computer systems. With
the implementation of SSH honeypot, this research work collects the incoming and outgoing traffic data in a network. The collected traffic data can be then analyzed to detect outliers in order to find the abnormal or malicious traffic. This research work detects outliers from the collected SSH honeypot data using Particle Swarm Optimization technique which belongs to the category of cluster-based outlier detection method. With experiments and results, Particle Swarm Optimization shows best results in detecting outliers and has best cost function when compared to other cluster-based algorithms like Genetic Algorithm and Differential Evolution algorithm.
Keyword :
Differential Evolution, Genetic Algorithm, Honeypots, Particle Swarm Optimization, Secure Shell