Similarities and differences in patterns and geolocation of SSH attack data
Macy, Jeffry P., II
Rowe, Neil C.
Fulp, J. D.
MetadataShow full item record
Cyber attacks are becoming more prevalent across all sectors of government, business, and academia. Academic networks can be more vulnerable to attack because of a lack of resources and funding. This thesis analyzed unsuccessful Secure Shell (SSH) login attempts with data extracted from the DenyHosts service on the Naval Postgraduate School’s (NPS) network, and compared it to SSH logon data from a Kippo SSH honeypot independent from the NPS network to determine patterns in activity associated with geolocation. Additionally, this thesis analyzed the frequency of the originating IP address, then tried to determine if proxies were being used and how regularly. We identified similar characteristics of attacking hosts for both networks, and noted an excessive of use of vulnerable platforms and ports. Our methodology did not allow us to ascertain if any of the attacks were automated, but we have high confidence that the remote sites were compromised because of their preponderant use of vulnerable software. Also we identified common use of ports 5060 and 8080 suggesting possible botnet activity associated to these sites.
Approved for public release; distribution is unlimited
Showing items related by title, author, creator and subject.
Luckie, Matthew; Beverly, Robert; Wu, Tiange; Allman, Mark; claffy, kc (2015-10);As part of TCP’s steady evolution, recent standards have recommended mechanisms to protect against weaknesses in TCP. But adoption, configuration, and deployment of TCP improvements can be slow. In this work, we consider ...
Slagle, John T. (Monterey, California: Naval Postgraduate School, 2014-12);Myanmar is a Least Developed Nation, according to the UN, and therefore is highly vulnerable to the negative effects of a changing climate. To assess the relationship between Myanmar and climate change, this thesis analyzes ...
Possible Geographical Barriers to Trauma Center Access for Vulnerable Patients in the United States: An Analysis of Urban and Rural Communitie Hsia, Renee; Shen, Yu-Chu (American Medical Association, 2011-01);Objective—To study whether traditionally vulnerable populations have worse geographic access to trauma centers. Design—A cross-sectional analysis using data from the American Hospital Association Annual Survey from 2005 ...