Abstract | ||
---|---|---|
This paper describes an empirical research study to characterize attackers and attacks against targets of opportunity. A honey net infrastructure was built and deployed over 167 days that leveraged three different honey pot configurations and a SSH-based authentication proxy to attract and follow attackers over several weeks. A total of 211 attack sessions were recorded and evidence was collected at each stage of the attack sequence: from discovery to intrusion and exploitation of rogue software. This study makes two important contributions: 1) we introduce a new approach to measure attacker skills, and 2) we leverage keystroke profile analysis to differentiate attackers beyond their IP address of origin. |
Year | DOI | Venue |
---|---|---|
2011 | 10.1109/PRDC.2011.29 | PRDC |
Keywords | Field | DocType |
important contribution,empirical study,keystroke profile analysis,attack session,ssh-based authentication proxy,empirical research study,attack sequence,ip address,attacker skill,different honey pot configuration,new approach,characterizing attackers,honeypots,databases,logic gate,logic gates,empirical research,force | Honeypot,Authentication,Ip address,Intrusion,Profile analysis,Computer security,Computer science,Keystroke logging,Computer network,Software,Empirical research | Conference |
Citations | PageRank | References |
9 | 0.63 | 6 |
Authors | ||
5 |
Name | Order | Citations | PageRank |
---|---|---|---|
Gabriel Salles-Loustau | 1 | 19 | 4.00 |
Robin Berthier | 2 | 275 | 18.99 |
Etienne Collange | 3 | 9 | 0.63 |
Bertrand Sobesto | 4 | 12 | 2.71 |
Michel Cukier | 5 | 668 | 54.60 |