System security is a crucial constraint for secure Transfer of data. Because of the nature of the SSH protocol, anyone with access to the central server can manipulate files, it is imperative that only authorized user...
详细信息
ISBN:
(纸本)9781424452507
System security is a crucial constraint for secure Transfer of data. Because of the nature of the SSH protocol, anyone with access to the central server can manipulate files, it is imperative that only authorized users be able to access the central server. secure Transfer has taken steps that will discourage several common attempts to forcefully gain access to the system. These steps include implementing a port knocking protocol, limiting access to only authorized machines and users, and keeping persistent logs. The secureshell (SSH) protocol is one of the most popular cryptographic protocols on the Internet. secure shell protocol (SSH) uses the standard algorithms namely DES, AES and the RSA. Any user normally can use these algorithms which is being specified by the SSH protocol. As it is an OpenSSH, it is possible for the hackers to break the security during transmission of data. The idea behind the paper was when we allow the users to specify their own encryption techniques, which is not known to others can improve their security and also from hackers breaking the code. This will helps the user to create their encryption standards in the SSH protocol which provides more security to the users network and known only to the users.
The secure shell protocol (SSH) is a well-known standard protocol, mainly used for remotely accessing shell accounts on Unix-like operating systems to perform administrative tasks. As a result, the SSH service has bee...
详细信息
The secure shell protocol (SSH) is a well-known standard protocol, mainly used for remotely accessing shell accounts on Unix-like operating systems to perform administrative tasks. As a result, the SSH service has been an appealing target for attackers, aiming to guess root passwords performing dictionary attacks or to directly exploit the service itself. To identify such situations, this article addresses the detection of SSH anomalous connections from an intrusion detection perspective. The main idea is to compare several strategies and approaches for a better detection of SSH-based attacks. To test the classification performance of different classifiers and combinations of them, SSH data coming from a real-world honeynet are gathered and analysed. For comparison purposes and to draw conclusions about data collection, both packet-based and flow data are analysed. A wide range of classifiers and ensembles are applied to these data, as well as different validation schemes for better analysis of the obtained results. The high-rate classification results lead to positive conclusions about the identification of malicious SSH connections.
The world has changed. Every day, users log on to social media, use online banking to hasten important transactions and utilize cloud services to host data online. This unprecedented level of access to personal and fi...
详细信息
The world has changed. Every day, users log on to social media, use online banking to hasten important transactions and utilize cloud services to host data online. This unprecedented level of access to personal and financial data requires the implementation of protocols that prevent malicious access to this information. The solution to these needs has been cryptography, and we combine cryptographic algorithms to form internet protocols. The security of these protocols can be proven using underlying assumptions based on the hardness of mathematical problems. Despite these proofs of security, attacks on prominent protocols still occur without breaking assumptions underpinning their theoretical security. These attacks often occur outside the scope of frameworks for analysing cryptographic protocols, and thus a non-trivial gap still exists between the theoretical and actual security of internet protocols. This work endeavours to address this gap, by extending previous security frameworks in order to examine novel aspects of internet protocols, and analysing protocols omitted in previous literature. We begin by formalising notions of negotiation in key-exchange protocols, modifying established security models to consider the security of ciphersuite and version negotiation in the Transport Layer Security (TLS) protocol. We continue by investigating proposed drafts of the to-be- standardised TLS protocol version 1.3, extending the Multi-Stage Key-Exchange security model to capture and analyse new aspects of TLS 1.3. We then focus on the security implications of long-term key reuse across multiple ciphersuite variants, and analyse the secure shell protocol in both the Authenticated and Confidential Channel Establishment (ACCE) and a novel multi- ciphersuite-ACCE security models. Finally, we describe the negative implications of insecure time-synchronisation on key-exchange protocols, developing a framework for the analysis of time- synchronisation protocols, and designing a
暂无评论