A journey towards rigorous cybersecurity experiments: on the application of criminological theories
Proceedings of the 2012 Workshop on Learning from Authoritative Security Experiment Results
Quantitative security evaluation of a multi-biometric authentication system
SAFECOMP'12 Proceedings of the 2012 international conference on Computer Safety, Reliability, and Security
Hi-index | 0.00 |
This paper describes an empirical research study to characterize attackers and attacks against targets of opportunity. A honey net infrastructure was built and deployed over 167 days that leveraged three different honey pot configurations and a SSH-based authentication proxy to attract and follow attackers over several weeks. A total of 211 attack sessions were recorded and evidence was collected at each stage of the attack sequence: from discovery to intrusion and exploitation of rogue software. This study makes two important contributions: 1) we introduce a new approach to measure attacker skills, and 2) we leverage keystroke profile analysis to differentiate attackers beyond their IP address of origin.