Analysis of credential stealing attacks in an open networked environment

A. Sharma; Z. Kalbarczyk; R. Iyer; J. Barlow

doi:10.1109/NSS.2010.56

Analysis of credential stealing attacks in an open networked environment

A. Sharma, Z. Kalbarczyk, R. Iyer, J. Barlow

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

This paper analyses the forensic data on credential stealing incidents over a period of 5 years across 5000 machines monitored at the National Center for Supercomputing Applications at the University of Illinois. The analysis conducted is the first attempt in an open operational environment (i) to evaluate the intricacies of carrying out SSH-based credential stealing attacks, (ii) to highlight and quantify key characteristics of such attacks, and (iii) to provide the system level characterization of such incidents in terms of distribution of alerts and incident consequences.

Original language	English (US)
Title of host publication	Proceedings - 2010 4th International Conference on Network and System Security, NSS 2010
Pages	144-151
Number of pages	8
DOIs	https://doi.org/10.1109/NSS.2010.56
State	Published - 2010
Event	4th International Conference on Network and System Security, NSS 2010 - Melbourne, VIC, Australia Duration: Sep 1 2010 → Sep 3 2010

Publication series

Name	Proceedings - 2010 4th International Conference on Network and System Security, NSS 2010

Other

Other	4th International Conference on Network and System Security, NSS 2010
Country/Territory	Australia
City	Melbourne, VIC
Period	9/1/10 → 9/3/10

Keywords

Credential stealing
Incident analysis
Intrusion detection

ASJC Scopus subject areas

Computer Networks and Communications

Online availability

10.1109/NSS.2010.56

Library availability

Discover UIUC Full Text

Cite this

Sharma, A., Kalbarczyk, Z., Iyer, R., & Barlow, J. (2010). Analysis of credential stealing attacks in an open networked environment. In Proceedings - 2010 4th International Conference on Network and System Security, NSS 2010 (pp. 144-151). Article 5635533 (Proceedings - 2010 4th International Conference on Network and System Security, NSS 2010). https://doi.org/10.1109/NSS.2010.56

Analysis of credential stealing attacks in an open networked environment. / Sharma, A.; Kalbarczyk, Z.; Iyer, R. et al.
Proceedings - 2010 4th International Conference on Network and System Security, NSS 2010. 2010. p. 144-151 5635533 (Proceedings - 2010 4th International Conference on Network and System Security, NSS 2010).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Sharma, A, Kalbarczyk, Z , Iyer, R & Barlow, J 2010, Analysis of credential stealing attacks in an open networked environment. in Proceedings - 2010 4th International Conference on Network and System Security, NSS 2010., 5635533, Proceedings - 2010 4th International Conference on Network and System Security, NSS 2010, pp. 144-151, 4th International Conference on Network and System Security, NSS 2010, Melbourne, VIC, Australia, 9/1/10. https://doi.org/10.1109/NSS.2010.56

@inproceedings{aa93feeac46144b284092dea58aacb77,

title = "Analysis of credential stealing attacks in an open networked environment",

abstract = "This paper analyses the forensic data on credential stealing incidents over a period of 5 years across 5000 machines monitored at the National Center for Supercomputing Applications at the University of Illinois. The analysis conducted is the first attempt in an open operational environment (i) to evaluate the intricacies of carrying out SSH-based credential stealing attacks, (ii) to highlight and quantify key characteristics of such attacks, and (iii) to provide the system level characterization of such incidents in terms of distribution of alerts and incident consequences.",

keywords = "Credential stealing, Incident analysis, Intrusion detection",

author = "A. Sharma and Z. Kalbarczyk and R. Iyer and J. Barlow",

year = "2010",

doi = "10.1109/NSS.2010.56",

language = "English (US)",

isbn = "9780769541594",

series = "Proceedings - 2010 4th International Conference on Network and System Security, NSS 2010",

pages = "144--151",

booktitle = "Proceedings - 2010 4th International Conference on Network and System Security, NSS 2010",

}

TY - GEN

T1 - Analysis of credential stealing attacks in an open networked environment

AU - Sharma, A.

AU - Kalbarczyk, Z.

AU - Iyer, R.

AU - Barlow, J.

PY - 2010

Y1 - 2010

N2 - This paper analyses the forensic data on credential stealing incidents over a period of 5 years across 5000 machines monitored at the National Center for Supercomputing Applications at the University of Illinois. The analysis conducted is the first attempt in an open operational environment (i) to evaluate the intricacies of carrying out SSH-based credential stealing attacks, (ii) to highlight and quantify key characteristics of such attacks, and (iii) to provide the system level characterization of such incidents in terms of distribution of alerts and incident consequences.

AB - This paper analyses the forensic data on credential stealing incidents over a period of 5 years across 5000 machines monitored at the National Center for Supercomputing Applications at the University of Illinois. The analysis conducted is the first attempt in an open operational environment (i) to evaluate the intricacies of carrying out SSH-based credential stealing attacks, (ii) to highlight and quantify key characteristics of such attacks, and (iii) to provide the system level characterization of such incidents in terms of distribution of alerts and incident consequences.

KW - Credential stealing

KW - Incident analysis

KW - Intrusion detection

UR - http://www.scopus.com/inward/record.url?scp=78650335645&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=78650335645&partnerID=8YFLogxK

U2 - 10.1109/NSS.2010.56

DO - 10.1109/NSS.2010.56

M3 - Conference contribution

AN - SCOPUS:78650335645

SN - 9780769541594

T3 - Proceedings - 2010 4th International Conference on Network and System Security, NSS 2010

SP - 144

EP - 151

BT - Proceedings - 2010 4th International Conference on Network and System Security, NSS 2010

T2 - 4th International Conference on Network and System Security, NSS 2010

Y2 - 1 September 2010 through 3 September 2010

ER -

Analysis of credential stealing attacks in an open networked environment

Abstract

Publication series

Other

Keywords

ASJC Scopus subject areas

Online availability

Library availability

Related links

Cite this