Classification of Linux Commands in SSH Session by Risk Levels

  • Dào Thuy Ngan

Student thesis: Master typesMaster in Computer Science Professional focus in Data Science


Honeypot is a decoy system with vulnerabilities introduced to trap hackers. Through many years of evolution, a generation of smart honeypots has been developed. The self-adaptive honeypot is a smart honeypot that is expected to respond appropriately to the attacker's request. In most existing self-adaptive honeypot systems, the commands sent from the attacker play a central role in the reasoning process of the honeypot. In this thesis, we focus on the construction of a machine learning workflow that aims at estimating the risk level of these commands. Experiments show that the proposed workflow achieves potential results.
Date of Award4 Sept 2020
Original languageEnglish
Awarding Institution
  • University of Namur
SupervisorJean-Noel COLIN (Supervisor)


  • honeypot
  • machine learning
  • representation learning
  • labeling model
  • classification

Cite this