download0 view212
twitter facebook

공공누리This item is licensed Korea Open Government License

Title
Heavy-Tailed Distribution of the SSH Brute-Force Attack Duration in a Multi-user Environment
Author(s)
이재국채희승김성준박찬열홍태영
Publication Year
2016-07-27
Abstract
Quite a number of cyber-attacks to be place against supercomputers that provide highperformancecomputing (HPC) services to public researcher. Particularly, although the secureshell protocol (SSH) brute-force attack is one of the traditional attack methods, it is still beingused. Because stealth attacks that feign regular access may occur, they are even harder to detect.In this paper, we introduce methods to detect SSH brute-force attacks by analyzing the server’sunsuccessful access logs and the firewall’s drop events in a multi-user environment. Then, we analyzethe durations of the SSH brute-force attacks that are detected by applying these methods. Theresults of an analysis of about 10 thousands attack source IP addresses show that the behaviorsof abnormal users using SSH brute-force attacks are based on human dynamic characteristics of atypical heavy-tailed distribution.
Keyword
Human dynamic analysis; Heavy-tailed distribution; Brute-force attack; Supercomputing
Journal Title
Journal of the Korean Physical Society
Citation Volume
69
ISSN
0374-4884
Files in This Item:
There are no files associated with this item.
Appears in Collections:
7. KISTI 연구성과 > 학술지 발표논문
URI
https://repository.kisti.re.kr/handle/10580/14520
http://www.ndsl.kr/ndsl/search/detail/article/articleSearchResultDetail.do?cn=NART76208260
Export
RIS (EndNote)
XLS (Excel)
XML

Browse