Detailed Information on Publication Record
2013
Flow-based Brute-force Attack Detection
VYKOPAL, Jan, Martin DRAŠAR and Philipp WINTER
Basic information
Original name
Flow-based Brute-force Attack Detection
Name in Czech
Detekce útoků hrubou silou pomocí síťových toků
Authors
VYKOPAL, Jan (203 Czech Republic, guarantor, belonging to the institution), Martin DRAŠAR (203 Czech Republic, belonging to the institution) and Philipp WINTER (40 Austria)
Edition
Stuttgart, Advances in IT Early Warning, p. 41-51, 11 pp. 2013
Publisher
Fraunhofer Verlag
Other information
Language
English
Type of outcome
Chapter(s) of a specialized book
Field of Study
10201 Computer sciences, information science, bioinformatics
Country of publisher
Germany
Confidentiality degree
is not subject to a state or trade secret
Publication form
printed version "print"
RIV identification code
RIV/00216224:14610/13:00065695
Organization unit
Institute of Computer Science
ISBN
978-3-8396-0474-8
Keywords in English
network; flow; brute force attack; password; detection; similarity; entropy; evasion
Tags
International impact
Changed: 3/4/2014 15:24, Mgr. Marta Novotná Buršíková
Abstract
In the original language
Brute-force attacks are a prevalent phenomenon that is getting harder to successfully detect on a network level due to increasing volume and encryption of network traffic and growing ubiquity of high-speed networks. Although the research in this field advanced considerably, there still remain classes of attacks that are hard to detect. In this chapter, we present several methods for the detection of brute-force attacks based on the analysis of network flows. We discuss their strengths and shortcomings as well as shortcomings of flow-based methods in general. We also demonstrate the fragility of some methods by introducing detection evasion techniques.
Links
OVMASUN200801, research and development project