Stealthy SSH Dictionary Attack Detection based on Flow Analysis
Project/Area Number |
25330154
|
Research Category |
Grant-in-Aid for Scientific Research (C)
|
Allocation Type | Multi-year Fund |
Section | 一般 |
Research Field |
Information security
|
Research Institution | Kyushu Institute of Technology |
Principal Investigator |
YUTAKA NAKAMURA 九州工業大学, 情報科学センター, 准教授 (40346317)
|
Project Period (FY) |
2013-04-01 – 2016-03-31
|
Project Status |
Completed (Fiscal Year 2015)
|
Budget Amount *help |
¥4,810,000 (Direct Cost: ¥3,700,000、Indirect Cost: ¥1,110,000)
Fiscal Year 2015: ¥1,560,000 (Direct Cost: ¥1,200,000、Indirect Cost: ¥360,000)
Fiscal Year 2014: ¥1,430,000 (Direct Cost: ¥1,100,000、Indirect Cost: ¥330,000)
Fiscal Year 2013: ¥1,820,000 (Direct Cost: ¥1,400,000、Indirect Cost: ¥420,000)
|
Keywords | ネットワークセキュリティ / 総当たり攻撃 / SSH / SSH辞書攻撃 / 総当り攻撃 / フローの特徴 / トラヒック解析 / ネットワーク管理 |
Outline of Final Research Achievements |
SSH brute force attack has become more seriously, so administrators are desired to implement its countermeasures. In the traditional ways, the SSH brute force attack has been detected by analyzing access logs and network traffic. However, the former way must check a huge quantity of the logs in all servers, and the latter cannot find victims of the attacks. To solve these problems, we propose SSH brute force attack detection based on the flow features analysis. As the experimental results, we showed to be able to identify the attacks and their victims.
|
Report
(4 results)
Research Products
(4 results)