Bruteforcing in the Shadows - Evading Automated Detection

The result's identifiers

  • Result code in IS VaVaI

    RIV/00216224:14610/12:00058679 - isvavai.cz (https://www.isvavai.cz/riv?ss=detail&h=RIV%2F00216224%3A14610%2F12%3A00058679)

  • Result on the web

    http://www.cert.org/flocon/2012/presentations/drasar-vykopal-bruteforcing-in-the-shadows.pdf

  • DOI - Digital Object Identifier

Alternative languages

  • Result language

    English

  • Original language name

    Bruteforcing in the Shadows - Evading Automated Detection

  • Original language description

    Networks of today face a multitude of attacks of various complexities, but research of suitable defences is often done on limited or unsuitable datasets or insufficient testbeds. Therefore many proposed detection mechanisms are usable only for relatively small subsets of attacks that significantly disturb traffic patterns, such as flooding attacks or massive port scans. At Masaryk University, which has about 15,000 networked computers, we employ a wide range of detection tools based on NetFlow, such as port scan, botnet, and brute-force attack detectors. Their initial versions proved to be useful for detecting attacks that generate significant behavioral changes in traffic patterns. However, we have found that there are several techniques to lessen the behavioral impact and in effect to hide an attack from the detection mechanisms. In our presentation we will discuss three such techniques. The first one restricts the number of attempts in a given time window under the detection threshol

  • Czech name

  • Czech description

Classification

  • Type

    A - Audiovisual production

  • CEP classification

    IN - Informatics

  • OECD FORD branch

Result continuities

  • Project

    OVMASUN200801: Security of Czech army information and communication systems - On-line monitoring, Visualization and Packet Filtration. Computer Incident Response Capability Development in the Cyber Defence Environment.

  • Continuities

    P - Research and development project financed from public funds (with a link to CEP)
    S - Specific research at universities

Others

  • Publication year

    2012

  • Confidentiality

    S - Complete and truthful data on the project are not subject to protection under special legal regulations

Data specific for result type

  • ISBN

  • Place of publication

  • Publisher/client name

  • Version

  • Carrier ID