| 基于Kippo蜜罐的SSH暴力破解行为分析 |
| |
| 引用本文: | 段凯元,何申,程叶霞.基于Kippo蜜罐的SSH暴力破解行为分析[J].信息安全与通信保密,2014(3):104-109. |
| |
| 作者姓名: | 段凯元 何申 程叶霞 |
| |
| 作者单位: | [1] 北京科技大学,北京100083 [2] 中国移动通信研究院,北京100053 |
| |
| 基金项目: | 国家发改委信息化领域创新能力建设专项(网络安全应急技术国家工程实验室项目). |
| |
| 摘 要: | SSH是相对于传统协议而言安全可靠的远程服务协议,然而现今针对于SSH的暴力破解攻击已经严重威胁了其安全性.为了研究SSH暴力破解攻击行为特征,提高系统和服务的安全性,采取了不同于传统网络防护的被动防御策略,搭建了基于Kippo蜜罐的主动防御系统,并基于此,利用Kippo蜜罐的日志记录,对攻击者及其攻击行为特征进行了多方面的详细分析,从而提出了SSH服务的安全建议与加固措施,在一定程度上增强了针对SSH暴力破解攻击的防御能力,提高了安全性.
|
| 关 键 词: | 网络安全 SSH 暴力破解 Kippo蜜罐 攻击行为 |
Analysis of SSH Brute-Force Cracking Behavior based on Kippo Honeypot |
| |
| DUAN Kai-yuan,HE Shen,CHENG Ye-xia.Analysis of SSH Brute-Force Cracking Behavior based on Kippo Honeypot[J].China Information Security,2014(3):104-109. |
| |
| Authors: | DUAN Kai-yuan HE Shen CHENG Ye-xia |
| |
| Affiliation: | 1 Universlty of Science and Technology Beijing, Beijing 100083, China; 2China Mobile Research Institute, Bcijing 100053, China) |
| |
| Abstract: | As a protocol for secure remote access, SSH is comparatively safer and more reliable than conventional protocols. However, According the epidemic epidemic of the brute-force cracking aiming at SSH has seriously threatened the security of the protocol. In order to take research on analysis of SSH brute-force cracking behavior and improve the security of system and service, an active defense system based on Kippo honeypot is built, which is different from traditional passive defense system. Based on this, with the log records of Kippo honeypot system, the characteristics of the attackers and their attack behavior are analyzed from many aspects in detail. The security suggestions and reinforce measures are proposed for SSH service, which can improve the defense capability against SSH brute-force cracking and enhance the security performance of the system to some extent. |
| |
| Keywords: | network security SSH brute-force cracking Kippo honeypot attack behavior |
| 本文献已被 CNKI 维普 等数据库收录! |
|
