Other formats:
BibTeX
LaTeX
RIS
@inbook{1076305,
author = {Vykopal, Jan and Drašar, Martin and Winter, Philipp},
address = {Stuttgart},
booktitle = {Advances in IT Early Warning},
editor = {Markus Zeilinger, Peter Schoo, Eckehard Hermann},
keywords = {network; flow; brute force attack; password; detection; similarity; entropy; evasion},
howpublished = {tištěná verze "print"},
language = {eng},
location = {Stuttgart},
isbn = {978-3-8396-0474-8},
pages = {41-51},
publisher = {Fraunhofer Verlag},
title = {Flow-based Brute-force Attack Detection},
year = {2013}
}
TY - CHAP
ID - 1076305
AU - Vykopal, Jan - Drašar, Martin - Winter, Philipp
PY - 2013
TI - Flow-based Brute-force Attack Detection
VL - Neuveden
PB - Fraunhofer Verlag
CY - Stuttgart
SN - 9783839604748
KW - network
KW - flow
KW - brute force attack
KW - password
KW - detection
KW - similarity
KW - entropy
KW - evasion
N2 - Brute-force attacks are a prevalent phenomenon that is getting harder to successfully detect on a network level due to increasing volume and encryption of network traffic and growing ubiquity of high-speed networks. Although the research in this field advanced considerably, there still remain classes of attacks that are hard to detect. In this chapter, we present several methods for the detection of brute-force attacks based on the analysis of network flows. We discuss their strengths and shortcomings as well as shortcomings of flow-based methods in general. We also demonstrate the fragility of some methods by introducing detection evasion techniques.
ER -
VYKOPAL, Jan, Martin DRAŠAR and Philipp WINTER. Flow-based Brute-force Attack Detection. Online. In Markus Zeilinger, Peter Schoo, Eckehard Hermann. \textit{Advances in IT Early Warning}. Stuttgart: Fraunhofer Verlag, 2013. p.~41-51. ISBN~978-3-8396-0474-8. [citováno 2024-04-23]
|
