{"title":"Analysis and prevention of network password guessing attacks in an enterprise environment","authors":"F. B. Manolache, Qingping Hou, O. Rusu","doi":"10.1109/ROEDUNET-RENAM.2014.6955303","DOIUrl":null,"url":null,"abstract":"Common tools are available to protect individual computers against malicious password guessing attacks affecting services like ssh or imap. This paper takes such tools to the next level by proposing network-wide defense strategies and by presenting an implementation of a system that creates a collective defense. Such a system is useful in enterprise environments where frequent ssh scans waste bandwidth and some aggressive imap scans can induce denial of service to mail servers. The defense system is based on a set of computers that maintain a common database about the individual attacks. By interpreting the events stored in the database, every computer on the network can preemptively block attackers. The main objectives of the design of this system are to avoid creating a single point of failure by using a distributed database, and to handle the entire configuration of the participants from one single file. 
A variety of attack scenarios are studied to improve the efficiency of the defense.","PeriodicalId":340048,"journal":{"name":"2014 RoEduNet Conference 13th Edition: Networking in Education and Research Joint Event RENAM 8th Conference","volume":"4 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2014-11-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"3","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2014 RoEduNet Conference 13th Edition: Networking in Education and Research Joint Event RENAM 8th Conference","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ROEDUNET-RENAM.2014.6955303","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Citation count: 3
Abstract
Common tools are available to protect individual computers against malicious password guessing attacks affecting services like ssh or imap. This paper takes such tools to the next level by proposing network-wide defense strategies and by presenting an implementation of a system that creates a collective defense. Such a system is useful in enterprise environments where frequent ssh scans waste bandwidth and some aggressive imap scans can induce denial of service to mail servers. The defense system is based on a set of computers that maintain a common database about the individual attacks. By interpreting the events stored in the database, every computer on the network can preemptively block attackers. The main objectives of the design of this system are to avoid creating a single point of failure by using a distributed database, and to handle the entire configuration of the participants from one single file. A variety of attack scenarios are studied to improve the efficiency of the defense.