Other formats:
BibTeX
LaTeX
RIS
@inbook{1076305,
  author = {Vykopal, Jan and Drašar, Martin and Winter, Philipp},
  address = {Stuttgart},
  booktitle = {Advances in IT Early Warning},
  editor = {Markus Zeilinger, Peter Schoo, Eckehard Hermann},
  keywords = {network; flow; brute force attack; password; detection; similarity; entropy; evasion},
  howpublished = {tištěná verze "print"},
  language = {eng},
  location = {Stuttgart},
  isbn = {978-3-8396-0474-8},
  pages = {41-51},
  publisher = {Fraunhofer Verlag},
  title = {Flow-based Brute-force Attack Detection},
  year = {2013}
}
TY - CHAP
ID - 1076305
AU - Vykopal, Jan - Drašar, Martin - Winter, Philipp
PY - 2013
TI - Flow-based Brute-force Attack Detection
VL - Neuveden
PB - Fraunhofer Verlag
CY - Stuttgart
SN - 9783839604748
KW - network
KW - flow
KW - brute force attack
KW - password
KW - detection
KW - similarity
KW - entropy
KW - evasion
N2 - Brute-force attacks are a prevalent phenomenon that is getting harder to successfully detect on a network level due to increasing volume and encryption of network traffic and growing ubiquity of high-speed networks. Although the research in this field advanced considerably, there still remain classes of attacks that are hard to detect. In this chapter, we present several methods for the detection of brute-force attacks based on the analysis of network flows. We discuss their strengths and shortcomings as well as shortcomings of flow-based methods in general. We also demonstrate the fragility of some methods by introducing detection evasion techniques.
ER -
VYKOPAL, Jan, Martin DRAŠAR and Philipp WINTER. Flow-based Brute-force Attack Detection. In Markus Zeilinger, Peter Schoo, Eckehard Hermann. \textit{Advances in IT Early Warning}. Stuttgart: Fraunhofer Verlag, 2013, pp.~41-51. ISBN~978-3-8396-0474-8.