An Experimental Study of SSH Attacks by using Honeypot Decoys

We studied Brute-force SSH attacks carried out on six different universities campus networks by using Honeypot Techniques. Brute-force password guessing attacks against SSH, FTP and telnet servers are the most common form of at- tack to compromise servers facing the internet. A key factor to avoid d...

Full description

Saved in:
Bibliographic Details
Published in:Indian journal of science and technology 2013-12, Vol.6 (12), p.5567-5567
Main Authors: Kheirkhah, Esmaeil, Amin, Sayyed Mehdi Poustchi, Sistani, Hediyeh AmirJahanshahi, Acharya, Haridas
Format: Article
Language:English
Subjects:
Decoys
Effectiveness
Internet
Lists
Networks
Passwords
Servers
Tables (data)
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
cited_by
cites
container_end_page 5567
container_issue 12
container_start_page 5567
container_title Indian journal of science and technology
container_volume 6
creator Kheirkhah, Esmaeil
Amin, Sayyed Mehdi Poustchi
Sistani, Hediyeh AmirJahanshahi
Acharya, Haridas
description We studied Brute-force SSH attacks carried out on six different universities campus networks by using Honeypot Techniques. Brute-force password guessing attacks against SSH, FTP and telnet servers are the most common form of at- tack to compromise servers facing the internet. A key factor to avoid disruption of these networks is to defend it against Brute-force attacks. We focused on the attempts to gain remote access to our SSH Honeypots Plus Tools and techniques employed. There are striking similarities in the methods used to attack these dissimilar systems. The evidence shows that, pre-compiled lists of usernames and passwords that are widely shared form the basis for brute-force attacks. When the passwords were analysed, it was found that in the event of actual malicious traffic what was commonly understood to be strong password did not protect the systems from being compromised. The data from the study were used to evaluate the efficacy of a variety of techniques designed to defend the systems against these attacks. Table 17 lists some commonly recommendation for the protection of SSH servers.
format article
fullrecord <record><control><sourceid>proquest</sourceid><recordid>TN_cdi_proquest_miscellaneous_1513442766</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><sourcerecordid>1513442766</sourcerecordid><originalsourceid>FETCH-LOGICAL-p103t-6a22a14f52968c99d5434ba0c8bdb19d5ba0b1b8f8709beadbdd8a0e0c1a7223</originalsourceid><addsrcrecordid>eNotjLtOwzAYRj2ARFX6Dh5ZIvkWXwaGqBSCVKlDule_L0GB1A61I5G3JxJ8yzln-e7QhhglKqmFfEC7nD_JOs40UWSDnpuIDz9TuA3XEAuMuCuzX3Dqcde1uCkF3FfGdsFzHuIHblMMy5QKfgkuLfkR3fcw5rD75xadXw_nfVsdT2_v--ZYTZTwUklgDKjoa2akdsb4WnBhgThtvaVrrm6p1b1WxNgA3nqvgQTiKCjG-BY9_d1Ot_Q9h1wu1yG7MI4QQ5rzhdaUC8GUlPwXfppFiQ</addsrcrecordid><sourcetype>Aggregation Database</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype><pqid>1513442766</pqid></control><display><type>article</type><title>An Experimental Study of SSH Attacks by using Honeypot Decoys</title><source>Freely Accessible Science Journals</source><creator>Kheirkhah, Esmaeil ; Amin, Sayyed Mehdi Poustchi ; Sistani, Hediyeh AmirJahanshahi ; Acharya, Haridas</creator><creatorcontrib>Kheirkhah, Esmaeil ; Amin, Sayyed Mehdi Poustchi ; Sistani, Hediyeh AmirJahanshahi ; Acharya, Haridas</creatorcontrib><description>We studied Brute-force SSH attacks carried out on six different universities campus networks by using Honeypot Techniques. Brute-force password guessing attacks against SSH, FTP and telnet servers are the most common form of at- tack to compromise servers facing the internet. A key factor to avoid disruption of these networks is to defend it against Brute-force attacks. We focused on the attempts to gain remote access to our SSH Honeypots Plus Tools and techniques employed. There are striking similarities in the methods used to attack these dissimilar systems. The evidence shows that, pre-compiled lists of usernames and passwords that are widely shared form the basis for brute-force attacks. When the passwords were analysed, it was found that in the event of actual malicious traffic what was commonly understood to be strong password did not protect the systems from being compromised. The data from the study were used to evaluate the efficacy of a variety of techniques designed to defend the systems against these attacks. Table 17 lists some commonly recommendation for the protection of SSH servers.</description><identifier>ISSN: 0974-6846</identifier><language>eng</language><subject>Decoys ; Effectiveness ; Internet ; Lists ; Networks ; Passwords ; Servers ; Tables (data)</subject><ispartof>Indian journal of science and technology, 2013-12, Vol.6 (12), p.5567-5567</ispartof><woscitedreferencessubscribed>false</woscitedreferencessubscribed></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><link.rule.ids>314,780,784</link.rule.ids></links><search><creatorcontrib>Kheirkhah, Esmaeil</creatorcontrib><creatorcontrib>Amin, Sayyed Mehdi Poustchi</creatorcontrib><creatorcontrib>Sistani, Hediyeh AmirJahanshahi</creatorcontrib><creatorcontrib>Acharya, Haridas</creatorcontrib><title>An Experimental Study of SSH Attacks by using Honeypot Decoys</title><title>Indian journal of science and technology</title><description>We studied Brute-force SSH attacks carried out on six different universities campus networks by using Honeypot Techniques. Brute-force password guessing attacks against SSH, FTP and telnet servers are the most common form of at- tack to compromise servers facing the internet. A key factor to avoid disruption of these networks is to defend it against Brute-force attacks. We focused on the attempts to gain remote access to our SSH Honeypots Plus Tools and techniques employed. There are striking similarities in the methods used to attack these dissimilar systems. The evidence shows that, pre-compiled lists of usernames and passwords that are widely shared form the basis for brute-force attacks. When the passwords were analysed, it was found that in the event of actual malicious traffic what was commonly understood to be strong password did not protect the systems from being compromised. The data from the study were used to evaluate the efficacy of a variety of techniques designed to defend the systems against these attacks. Table 17 lists some commonly recommendation for the protection of SSH servers.</description><subject>Decoys</subject><subject>Effectiveness</subject><subject>Internet</subject><subject>Lists</subject><subject>Networks</subject><subject>Passwords</subject><subject>Servers</subject><subject>Tables (data)</subject><issn>0974-6846</issn><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2013</creationdate><recordtype>article</recordtype><recordid>eNotjLtOwzAYRj2ARFX6Dh5ZIvkWXwaGqBSCVKlDule_L0GB1A61I5G3JxJ8yzln-e7QhhglKqmFfEC7nD_JOs40UWSDnpuIDz9TuA3XEAuMuCuzX3Dqcde1uCkF3FfGdsFzHuIHblMMy5QKfgkuLfkR3fcw5rD75xadXw_nfVsdT2_v--ZYTZTwUklgDKjoa2akdsb4WnBhgThtvaVrrm6p1b1WxNgA3nqvgQTiKCjG-BY9_d1Ot_Q9h1wu1yG7MI4QQ5rzhdaUC8GUlPwXfppFiQ</recordid><startdate>20131201</startdate><enddate>20131201</enddate><creator>Kheirkhah, Esmaeil</creator><creator>Amin, Sayyed Mehdi Poustchi</creator><creator>Sistani, Hediyeh AmirJahanshahi</creator><creator>Acharya, Haridas</creator><scope>8BQ</scope><scope>8FD</scope><scope>JG9</scope></search><sort><creationdate>20131201</creationdate><title>An Experimental Study of SSH Attacks by using Honeypot Decoys</title><author>Kheirkhah, Esmaeil ; Amin, Sayyed Mehdi Poustchi ; Sistani, Hediyeh AmirJahanshahi ; Acharya, Haridas</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-p103t-6a22a14f52968c99d5434ba0c8bdb19d5ba0b1b8f8709beadbdd8a0e0c1a7223</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2013</creationdate><topic>Decoys</topic><topic>Effectiveness</topic><topic>Internet</topic><topic>Lists</topic><topic>Networks</topic><topic>Passwords</topic><topic>Servers</topic><topic>Tables (data)</topic><toplevel>online_resources</toplevel><creatorcontrib>Kheirkhah, Esmaeil</creatorcontrib><creatorcontrib>Amin, Sayyed Mehdi Poustchi</creatorcontrib><creatorcontrib>Sistani, Hediyeh AmirJahanshahi</creatorcontrib><creatorcontrib>Acharya, Haridas</creatorcontrib><collection>METADEX</collection><collection>Technology Research Database</collection><collection>Materials Research Database</collection><jtitle>Indian journal of science and technology</jtitle></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext</fulltext></delivery><addata><au>Kheirkhah, Esmaeil</au><au>Amin, Sayyed Mehdi Poustchi</au><au>Sistani, Hediyeh AmirJahanshahi</au><au>Acharya, Haridas</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>An Experimental Study of SSH Attacks by using Honeypot Decoys</atitle><jtitle>Indian journal of science and technology</jtitle><date>2013-12-01</date><risdate>2013</risdate><volume>6</volume><issue>12</issue><spage>5567</spage><epage>5567</epage><pages>5567-5567</pages><issn>0974-6846</issn><abstract>We studied Brute-force SSH attacks carried out on six different universities campus networks by using Honeypot Techniques. Brute-force password guessing attacks against SSH, FTP and telnet servers are the most common form of at- tack to compromise servers facing the internet. A key factor to avoid disruption of these networks is to defend it against Brute-force attacks. We focused on the attempts to gain remote access to our SSH Honeypots Plus Tools and techniques employed. There are striking similarities in the methods used to attack these dissimilar systems. The evidence shows that, pre-compiled lists of usernames and passwords that are widely shared form the basis for brute-force attacks. When the passwords were analysed, it was found that in the event of actual malicious traffic what was commonly understood to be strong password did not protect the systems from being compromised. The data from the study were used to evaluate the efficacy of a variety of techniques designed to defend the systems against these attacks. Table 17 lists some commonly recommendation for the protection of SSH servers.</abstract><tpages>1</tpages></addata></record>
fulltext fulltext
identifier ISSN: 0974-6846
ispartof Indian journal of science and technology, 2013-12, Vol.6 (12), p.5567-5567
issn 0974-6846
language eng
recordid cdi_proquest_miscellaneous_1513442766
source Freely Accessible Science Journals
subjects Decoys
Effectiveness
Internet
Lists
Networks
Passwords
Servers
Tables (data)
title An Experimental Study of SSH Attacks by using Honeypot Decoys
url http://sfxeu10.hosted.exlibrisgroup.com/loughborough?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-11T01%3A21%3A02IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=An%20Experimental%20Study%20of%20SSH%20Attacks%20by%20using%20Honeypot%20Decoys&rft.jtitle=Indian%20journal%20of%20science%20and%20technology&rft.au=Kheirkhah,%20Esmaeil&rft.date=2013-12-01&rft.volume=6&rft.issue=12&rft.spage=5567&rft.epage=5567&rft.pages=5567-5567&rft.issn=0974-6846&rft_id=info:doi/&rft_dat=%3Cproquest%3E1513442766%3C/proquest%3E%3Cgrp_id%3Ecdi_FETCH-LOGICAL-p103t-6a22a14f52968c99d5434ba0c8bdb19d5ba0b1b8f8709beadbdd8a0e0c1a7223%3C/grp_id%3E%3Coa%3E%3C/oa%3E%3Curl%3E%3C/url%3E&rft_id=info:oai/&rft_pqid=1513442766&rft_id=info:pmid/&rfr_iscdi=true