Protecting Financial Institutions from Brute-Force Attacks
نویسندگان
چکیده
We examine the problem of protecting online banking accounts from password brute-forcing attacks. Our method is to create a large number of honeypot userID-password pairs. Presentation of any of these honeypot credentials causes the attacker to be logged into a honeypot account with fictitious attributes. For the attacker to tell the difference between a honeypot and a real account he must attempt to transfer money out. We show that is simple to ensure that a brute-force attacker will encounter hundreds or even thousands of honeypot accounts for every real break-in. His activity in the honeypots provides the data by which the bank learns the attackers attempts to tell real from honeypot accounts, and his cash out strategy. 1.
منابع مشابه
Protecting SSH at the Transport Layer
SSH daemons are common targets for brute force attacks. Through log monitoring and firewalling, the impact of these attacks on both security and bandwidth consumption can be minimised. We consider a number of implementations and employ Stockade [1] as a backend to SSHGuard [2] for blocking attackers.
متن کاملDo Strong Web Passwords Accomplish Anything?
We find that traditional password advice given to users is somewhat dated. Strong passwords do nothing to protect online users from password stealing attacks such as phishing and keylogging, and yet they place considerable burden on users. Passwords that are too weak of course invite brute-force attacks. However, we find that relatively weak passwords, about 20 bits or so, are sufficient to mak...
متن کاملSession Fixation Vulnerability in Web-based Applications
Many web-based applications employ some kind of session management to create a user-friendly environment. Sessions are stored on server and associated with respective users by session identifiers (IDs). Naturally, session IDs present an attractive target for attackers, who, by obtaining them, effectively hijack users’ identities. Knowing that, web servers are employing techniques for protecting...
متن کاملTOPASE: Detection and Prevention of Brute Force Attacks with Disciplined IPs from IDS Logs
Brute force attacks are used to obtain pairs of user names and passwords illegally by using all existing pairs to login to network services. These are a major security threat faced by network service administrators. In general, to prevent brute force attacks, administrators can set limitations on the number of login trials and shut down the traffic of brute force attacks with an intrusion preve...
متن کاملA Study of Passwords and Methods Used in Brute-Force SSH Attacks
In its Top-20 Security Risks report for 2007, the SANS Institute called brute-force password guessing attacks against SSH, FTP and telnet servers “the most common form of attack to compromise servers facing the Internet.” A recent study also suggests that Linux systems may play an important role in the command and control networks for botnets. Defending against brute-force SSH attacks may there...
متن کامل