Similarities and differences in patterns and geolocation of SSH attack data
Macy, Jeffry P., II
Rowe, Neil C.
Fulp, J. D.
MetadataShow full item record
Cyber attacks are becoming more prevalent across all sectors of government, business, and academia. Academic networks can be more vulnerable to attack because of a lack of resources and funding. This thesis analyzed unsuccessful Secure Shell (SSH) login attempts with data extracted from the DenyHosts service on the Naval Postgraduate School’s (NPS) network, and compared it to SSH logon data from a Kippo SSH honeypot independent from the NPS network to determine patterns in activity associated with geolocation. Additionally, this thesis analyzed the frequency of the originating IP address, then tried to determine if proxies were being used and how regularly. We identified similar characteristics of attacking hosts for both networks, and noted an excessive of use of vulnerable platforms and ports. Our methodology did not allow us to ascertain if any of the attacks were automated, but we have high confidence that the remote sites were compromised because of their preponderant use of vulnerable software. Also we identified common use of ports 5060 and 8080 suggesting possible botnet activity associated to these sites.
Approved for public release; distribution is unlimited
Showing items related by title, author, creator and subject.
Luckie, Matthew; Beverly, Robert; Wu, Tiange; Allman, Mark; claffy, kc (2015-10);As part of TCP’s steady evolution, recent standards have recommended mechanisms to protect against weaknesses in TCP. But adoption, configuration, and deployment of TCP improvements can be slow. In this work, we consider ...
Slagle, John T. (Monterey, California: Naval Postgraduate School, 2014-12);Myanmar is a Least Developed Nation, according to the UN, and therefore is highly vulnerable to the negative effects of a changing climate. To assess the relationship between Myanmar and climate change, this thesis analyzes ...
Cameron, Wendy K. (Monterey, California. Naval Postgraduate School, 2008-12);This thesis addresses planning for vulnerable populations, those segments of each community that are normally independent but that may require special assistance during a health emergency such as an influenza pandemic. ...