Show/Hide Menu
Hide/Show Apps
Logout
Türkçe
Türkçe
Search
Search
Login
Login
OpenMETU
OpenMETU
About
About
Open Science Policy
Open Science Policy
Communities & Collections
Communities & Collections
Help
Help
Frequently Asked Questions
Frequently Asked Questions
Guides
Guides
Thesis submission
Thesis submission
MS without thesis term project submission
MS without thesis term project submission
Publication submission with DOI
Publication submission with DOI
Publication submission
Publication submission
Supporting Information
Supporting Information
General Information
General Information
Copyright, Embargo and License
Copyright, Embargo and License
Contact us
Contact us
Analysis of Password Attacks From The Perspective Of The Attacker By Multiple Honeypots
Download
Kıvanç_Aydın_tez_10421250.pdf
Date
2021-8-19
Author
Aydın, Kıvanç
Metadata
Show full item record
This work is licensed under a
Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License
.
Item Usage Stats
270
views
49
downloads
Cite This
Authentication is vital for secure operation of ICT systems. Since the past several decades, alternative solutions have been developed for authentication, such as biometric authentication methods, aiming at replacing passwords. Nevertheless, their success has been limited as evidenced by intensive use of passwords. Today, an average user uses dozens of different passwords in daily practice. The frequent use of passwords in authentication also leads to a close interest of attackers due to rapid the expansion of ICT for the past several decades. Recently, almost 70% percent of cyber attacks target user credentials. This study investigates password attacks from the attacker's perspective by using ten honeypot systems that run mock SSH services. The focus of the analysis is the efficiency of the blacklisting approach against password attacks, and the analysis of the attitudes of attackers as recorded in log files. The relationship between the passwords used in the attacks and the local language of the target country was also investigated using a language identification model.
Subject Keywords
Password Security
,
Honeypot
URI
https://hdl.handle.net/11511/92151
Collections
Graduate School of Informatics, Thesis
Suggestions
OpenMETU
Core
Graphical Passwords as Browser Extension: Implementation and Usability Study
BIÇAKCI, KEMAL; Yuceel, Mustafa; Erdeniz, Burak; Gurbaslar, Hakan; ATALAY, NART BEDİN (2009-06-19)
Today, most Internet applications still establish user authentication with traditional text based passwords. Designing a secure as well as a user-friendly password-based method has been on the agenda of security researchers for a long time. On one hand, there are password manager programs which facilitate generating site-specific strong passwords from a single user password to eliminate the memory burden due to multiple passwords. On the other hand, there are studies exploring the viability of graphical pas...
A Decision Support System for Optimal Selection of Enterprise Information Security Preventative Actions
Sonmez, Ferda Ozdemir; Günel Kılıç, Banu (2021-09-01)
Types and complexity of information security related vulnerabilities are growing rapidly and present numerous challenges to the enterprises. One of the key challenges is to identify the optimal set of precautions with limited budget. Despite the fact that majority of enterprises have a budget constraint for installing and maintaining the protection systems, the majority of the previous work only focus on prioritization of security targets and do not consider the preventative actions and budget constraints. ...
The role of visual coherence in graphical passwords
Özge, Alaçam; Christopher, Habel; Acartürk, Cengiz (null; 2013-08-31)
Graphical password is an alternative method of authentication to alphanumerical passwords. From theperspectiveof research on human memory, it is yet another novel technology that introduces challenges on human memory components. In this study, we aim to investigatethe previousfindings in human visual memory in the domain ofgraphical passwords by analyzingthe role ofvisual coherence in passwords. The results of an experimental studyreveal that in terms of memorability, co...
Uses of PKI for process authorization
Taşkazan, Feyza; Özgit, Attila; Erten, Murat; Department of Computer Engineering (2003)
Enterprises require an information security solution that provides privacy, integrity, authentication and access controls for processes. License management systems are developed to be a solution for process authorization in different platforms. However, security threats on processes cannot be controlled with existing license management mechanisms. The need is a complete system that is independent from implementation, platform, and application. In this thesis, we design a complete system for process authoriz...
Security of certificate-based protocols: focus on server authentication
Baran, Selim; Özbudak, Ferruh; Selçuk, Ali Aydın; Department of Cryptography (2015)
Today, secure communication channels are mostly set up via certificate-based protocols, such as Secure Sockets Layer (SSL) and Transport Layer Security (TLS). Although they have been used for years and in so many areas, from e-commerce and internet banking to secure channel needs in military, there have been several attacks on their security model, which forced researchers to make studies on them. In this thesis, we will explain their security model, the vulnerabilities discovered so far, the precautions fo...
Citation Formats
IEEE
ACM
APA
CHICAGO
MLA
BibTeX
K. Aydın, “Analysis of Password Attacks From The Perspective Of The Attacker By Multiple Honeypots,” M.S. - Master of Science, Middle East Technical University, 2021.
