Show/Hide Menu
Hide/Show Apps
Logout
Türkçe
Türkçe
Search
Search
Login
Login
OpenMETU
OpenMETU
About
About
Open Science Policy
Open Science Policy
Open Access Guideline
Open Access Guideline
Postgraduate Thesis Guideline
Postgraduate Thesis Guideline
Communities & Collections
Communities & Collections
Help
Help
Frequently Asked Questions
Frequently Asked Questions
Guides
Guides
Thesis submission
Thesis submission
MS without thesis term project submission
MS without thesis term project submission
Publication submission with DOI
Publication submission with DOI
Publication submission
Publication submission
Supporting Information
Supporting Information
General Information
General Information
Copyright, Embargo and License
Copyright, Embargo and License
Contact us
Contact us
An analysis of kerberoasting attack and detection with supervised machine learning algorithms
Download
An Analysis Of Kerberoasting Attack And Detection With Supervised Machine Learning Algorithms.pdf
Date
2024-11
Author
Aksüt, Yasin
Metadata
Show full item record
This work is licensed under a
Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License
.
Item Usage Stats
72
views
0
downloads
Cite This
Active Directory (AD) is one of the most widely used directory services today, playing a key role in organizing and managing network resources within an organization. In cybersecurity, AD serves as a significant component for defense in depth, offering layered security by controlling access to network assets, enforcing authentication policies, and monitoring for suspicious activity. Therefore, it is essential to have a robust security strategy in place to prevent and detect AD attacks in depth. Detection of AD attacks is difficult because attackers often use techniques that blend in with normal network traffic and activities. Among the AD attacks, Kerberoasting attack which leverages inherent weaknesses in the Kerberos authentication protocol used by AD can be most stealthy and may not exhibit obvious signs of compromise. It makes it difficult for security teams to detect them using traditional security tools. In this work, we are going to try to provide a solution for detection of Kerberoasting attacks by using supervised machine learning algorithms. Moreover, there is no publicly available dataset that can be used to measure the efficiency of any machine learning algorithm for Kerberoasting attacks for the sake of protecting the security of sensitive data. For this reason, we created a dataset by conducting the study in a virtual environment and we made security logs publicly available.
Subject Keywords
Active Directory Security
,
Kerberos Protocol
,
Supervised Machine Learning Algorithms
URI
https://hdl.handle.net/11511/112647
Collections
Graduate School of Informatics, Thesis
Citation Formats
IEEE
ACM
APA
CHICAGO
MLA
BibTeX
Y. Aksüt, “An analysis of kerberoasting attack and detection with supervised machine learning algorithms,” M.S. - Master of Science, Middle East Technical University, 2024.
