Gesellschaft für Informatik e.V.

Lecture Notes in Informatics


7. DFN-Forum - Kommunikationstechnologien P-231, 121-130 (2014).

Gesellschaft für Informatik, Bonn
2014


Copyright © Gesellschaft für Informatik, Bonn

SIEGE: Service-independent enterprise-grade protection against password scans

Marcel Waldvogel and Jürgen Kollek

Abstract


Security is one of the main challenges today, complicated significantly by the heterogeneous and open academic networks with thousands of different applications. Botnet-based brute-force password scans are a common security threat against the open academic networks. Common defenses are hard to maintain, error-prone, and do not reliably discriminate between user error and coordinated attack. In this paper, we present a novel approach that allows many network services to be secured at once. By combining in-app tracking, local and global crowdsourcing, geographic information, and probabilistic user-bot distinction through differential password analysis, our PAM-based detection module can provide higher accuracy and faster blocking of botnets. In the future, we aim to make the mechanism even more generic and thus provide a distributed defense against one of the strongest threats against our infrastructure.


ISBN 978-3-88579-625-1


Last changed 31.10.2014 13:54:15