Analysis of credential stealing attacks in an open networked environment

A. Sharma, Z. Kalbarczyk, R. Iyer, J. Barlow

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

This paper analyses the forensic data on credential stealing incidents over a period of 5 years across 5000 machines monitored at the National Center for Supercomputing Applications at the University of Illinois. The analysis conducted is the first attempt in an open operational environment (i) to evaluate the intricacies of carrying out SSH-based credential stealing attacks, (ii) to highlight and quantify key characteristics of such attacks, and (iii) to provide the system level characterization of such incidents in terms of distribution of alerts and incident consequences.

Original languageEnglish (US)
Title of host publicationProceedings - 2010 4th International Conference on Network and System Security, NSS 2010
Pages144-151
Number of pages8
DOIs
StatePublished - Dec 27 2010
Event4th International Conference on Network and System Security, NSS 2010 - Melbourne, VIC, Australia
Duration: Sep 1 2010Sep 3 2010

Publication series

NameProceedings - 2010 4th International Conference on Network and System Security, NSS 2010

Other

Other4th International Conference on Network and System Security, NSS 2010
CountryAustralia
CityMelbourne, VIC
Period9/1/109/3/10

Keywords

  • Credential stealing
  • Incident analysis
  • Intrusion detection

ASJC Scopus subject areas

  • Computer Networks and Communications

Cite this

Sharma, A., Kalbarczyk, Z., Iyer, R., & Barlow, J. (2010). Analysis of credential stealing attacks in an open networked environment. In Proceedings - 2010 4th International Conference on Network and System Security, NSS 2010 (pp. 144-151). [5635533] (Proceedings - 2010 4th International Conference on Network and System Security, NSS 2010). https://doi.org/10.1109/NSS.2010.56