SIEGE: Service-independent enterprise-grade protection against password scans
نویسندگان
چکیده
Security is one of the main challenges today, complicated significantly by the heterogeneous and open academic networks with thousands of different applications. Botnet-based brute-force password scans are common security threat against the open academic networks. Common defenses are hard to maintain, error-prone and do not reliably discriminate between user error and coordinated attack. In this paper, we present a novel approach, which allows to secure many network services at once. By combining in-app tracking, local and global crowdsourcing, geographic information, and probabilistic user-bot distinction through differential password analysis, our PAM-based detection module can provide higher accuracy and faster blocking of botnets. In the future, we aim to make the mechanism even more generic and thus provide a distributed defense against one of the strongest threats against our infrastructure.
منابع مشابه
OPass: Attractive Presentation of User Authentication Protocol with Resist to Password Reuse Attacks
Passwords are the influential apparatus that tend to keep all data and information digitally safe. It is often notice that text password leftovers mostly popular over the other formats of passwords, due to the information that it is simple and convenient. However, text passwords are not always strong enough and are very easily stolen and changed under different vulnerabilities. Others can acqui...
متن کاملProfile of patients referred for computed tomography, likely to be explored by scintigraphy imaging in a country with no nuclear medicine service: The case of Togo
Introduction: Describe the profile of patients referred for computed tomography (CT) likely to be scanned with scintigraphy imaging in Togo. Methods: Prospective study carried out from May 15 to August 15 2020 including patients referred for non-traumatic CT scans (excluding strokes) in all the radiology centres in Togo with operational ...
متن کاملA Survey on Password Security Systems
Password security is essential for user authentication on small networking system as well large networking system. Till today many researchers introduced various methods to protect passwords on network. Passwords are prone to various types of attacks like brute force attack, password reuse attack, password stealing attack, password cracking attack, etc. This paper gives review on different meth...
متن کاملProxied authentication in single sign-on setups with common open source systems - an empirical survey
The paper presents results from an empirical study about the use of a single sign-on (SSO) system in an integrated open source system landscape for supporting team collaboration. A portal solution, enterprise content management system, groupware, business process management and enterprise search engine are used. The investigation shows that although it is easy to achieve SSO with the Web-based ...
متن کاملOptimal authentication protocols resistant to password guessing attacks
Users are typically authenticated by their passwords. Because people are known to choose convenient passwords, which tend to be easy to guess, authenti-cation protocols have been developed that protect user passwords from guessing attacks. These proposed protocols , however, use more messages and rounds than those protocols that are not resistant to guessing attacks. This paper gives new protoc...
متن کامل