Publication overview
2013
Protocol-independent Detection of Dictionary Attacks
DRAŠAR, Martin
Basic information
Original name
Protocol-independent Detection of Dictionary Attacks
Name in Czech
Detekce slovníkových útoků nezávisla na aplikačním protokolu
Authors
DRAŠAR, Martin
Edition
Berlin, Advances in Communication Networking, p. 304-309, 6 pp. 2013
Publisher
Springer Berlin Heidelberg
Other information
Language
English
Type of outcome
Proceedings paper
Field of Study
Informatics
Country of publisher
Germany
Confidentiality degree
is not subject to a state or trade secret
Publication form
printed version "print"
Marked to be transferred to RIV
Yes
RIV identification code
RIV/00216224:14610/13:00065726
Organization
Ústav výpočetní techniky – Repository – Repository
ISBN
978-3-642-40551-8
ISSN
Keywords in English
traffic classes; anomaly detection; network behavior analysis
Links
VF20132015031, research and development project.
Changed: 1/9/2020 16:19, RNDr. Daniel Jakubík
Abstract
In the original language
Data throughput of current high-speed networks makes it prohibitively expensive to detect attacks using conventional means of deep packet inspection. The network behavior analysis seemed to be a solution, but it lacks in several aspects. The academic research focuses on sophisticated and advanced detection schemes that are, however, often problematic to deploy into production. In this paper we try a different approach and take inspiration from the industry practice of using relatively simple but effective solutions. We introduce a model of malicious traffic based on practical experience that can be used to create simple and effective detection methods. This model was used to develop a successful proof-of-concept method for protocol-independent detection of dictionary attacks that is validated with empirical data in this paper.