SIEGE: Service-independent enterprise-grade protection against password scans

Abstract
Security is one of the main challenges today, complicated significantly by the heterogeneous and open academic networks with thousands of different applications. Botnet-based brute-force password scans are a common security threat against the open academic networks. Common defenses are hard to maintain, error-prone and do not reliably discriminate between user error and coordinated attack. In this paper, we present a novel approach, which allows to secure many network services at once. By combining in-app tracking, local and global crowdsourcing, geographic information, and probabilistic user-bot distinction through differential password analysis, our PAM-based detection module can provide higher accuracy and faster blocking of botnets. In the future, we aim to make the mechanism even more generic and thus provide a distributed defense against one of the strongest threats against our infrastructure.
  • Citation
  • BibTeX
Waldvogel, M. & Kollek, J., (2014). SIEGE: Service-independent enterprise-grade protection against password scans. In: Müller, P., Neumair, B., Reiser, H. & Rodosek, G. D. (Hrsg.), 7. DFN-Forum - Kommunikationstechnologien. Bonn: Gesellschaft für Informatik e.V.. (S. 121-130).
@inproceedings{mci/Waldvogel2014,
author = {Waldvogel, Marcel AND Kollek, Jürgen},
title = {SIEGE: Service-independent enterprise-grade protection against password scans},
booktitle = {7. DFN-Forum - Kommunikationstechnologien},
year = {2014},
editor = {Müller, Paul AND Neumair, Bernhard AND Reiser, Helmut AND Rodosek, Gabi Dreo} ,
pages = { 121-130 },
publisher = {Gesellschaft für Informatik e.V.},
address = {Bonn}
}
DateienGroesseFormatAnzeige
121.pdf178.7Kb PDF View/Open

Haben Sie fehlerhafte Angaben entdeckt? Sagen Sie uns Bescheid: Send Feedback

More Info

ISBN: 978-3-88579-625-1
ISSN: 1617-5468
xmlui.MetaDataDisplay.field.date: 2014
Language: en (en)
Content Type: Text/Conference Paper
Collections

Show full item record