download0 view1,344
twitter facebook

공공누리This item is licensed Korea Open Government License

dc.contributor.author
이재국
dc.contributor.author
채희승
dc.contributor.author
김성준
dc.contributor.author
박찬열
dc.contributor.author
홍태영
dc.date.accessioned
2019-08-28T07:41:54Z
dc.date.available
2019-08-28T07:41:54Z
dc.date.issued
2016-07-27
dc.identifier.issn
0374-4884
dc.identifier.uri
https://repository.kisti.re.kr/handle/10580/14520
dc.identifier.uri
http://www.ndsl.kr/ndsl/search/detail/article/articleSearchResultDetail.do?cn=NART76208260
dc.description.abstract
Quite a number of cyber-attacks to be place against supercomputers that provide highperformancecomputing (HPC) services to public researcher. Particularly, although the secureshell protocol (SSH) brute-force attack is one of the traditional attack methods, it is still beingused. Because stealth attacks that feign regular access may occur, they are even harder to detect.In this paper, we introduce methods to detect SSH brute-force attacks by analyzing the server’sunsuccessful access logs and the firewall’s drop events in a multi-user environment. Then, we analyzethe durations of the SSH brute-force attacks that are detected by applying these methods. Theresults of an analysis of about 10 thousands attack source IP addresses show that the behaviorsof abnormal users using SSH brute-force attacks are based on human dynamic characteristics of atypical heavy-tailed distribution.
dc.language
kor
dc.relation.ispartofseries
Journal of the Korean Physical Society
dc.title
Heavy-Tailed Distribution of the SSH Brute-Force Attack Duration in a Multi-user Environment
dc.citation.endPage
258
dc.citation.number
2
dc.citation.startPage
253
dc.citation.volume
69
dc.subject.keyword
Human dynamic analysis
dc.subject.keyword
Heavy-tailed distribution
dc.subject.keyword
Brute-force attack
dc.subject.keyword
Supercomputing
Appears in Collections:
7. KISTI 연구성과 > 학술지 발표논문
Files in This Item:
There are no files associated with this item.

Browse