Title :
Characterizing Attackers and Attacks: An Empirical Study
Author :
Salles-Loustau, Gabriel ; Berthier, Robin ; Collange, Etienne ; Sobesto, Bertrand ; Cukier, Michel
Abstract :
This paper describes an empirical research study to characterize attackers and attacks against targets of opportunity. A honey net infrastructure was built and deployed over 167 days that leveraged three different honey pot configurations and a SSH-based authentication proxy to attract and follow attackers over several weeks. A total of 211 attack sessions were recorded and evidence was collected at each stage of the attack sequence: from discovery to intrusion and exploitation of rogue software. This study makes two important contributions: 1) we introduce a new approach to measure attacker skills, and 2) we leverage keystroke profile analysis to differentiate attackers beyond their IP address of origin.
Keywords :
security of data; IP address; SSH-based authentication proxy; attack sessions; attacker characterization; attacker skill measurement; honey net infrastructure; honey pot configurations; keystroke profile analysis; opportunity target; rogue software exploitation; Containers; Databases; Delay; Force; IP networks; Logic gates; Software; Attack Analysis; Attacker Behavior; Empirical Research Study; Honeypots;
Conference_Titel :
Dependable Computing (PRDC), 2011 IEEE 17th Pacific Rim International Symposium on
Conference_Location :
Pasadena, CA
Print_ISBN :
978-1-4577-2005-5
Electronic_ISBN :
978-0-7695-4590-5
DOI :
10.1109/PRDC.2011.29
