Protecting financial institutions from brute-force attacks

被引:0
|
作者
Herley, Cormac [1 ]
Florencio, Dinei [1 ]
机构
[1] Microsoft Res, Redmond, WA USA
来源
PROCEEDINGS OF THE IFIP TC 11/ 23RD INTERNATIONAL INFORMATION SECURITY CONFERENCE | 2008年
关键词
D O I
暂无
中图分类号
TP301 [理论、方法];
学科分类号
081202 ;
摘要
We examine the problem, of protecting online banking accounts from password brute-forcing attacks. Our method is to create a large number of honeypot userID-password, pairs. Presentation of any of these honeypot credentials causes the attacker to be logged into a honeypot account with fictitious attributes. For the attacker to tell the difference between a honeypot and a real account lie must attempt to transfer money out. We show that is simple to ensure that a brute-force attacker will encounter hundreds or even. thousands of honeypot accounts for every real break-in. His activity in the honeypots provides the data by which the bank learns the attackers attempts to tell real from honeypot accounts, and his cash. out strategy.
引用
收藏
页码:681 / 685
页数:5
相关论文
共 50 条
  • [21] Brute-Force Hyperpolarization for NMR and MRI
    Hirsch, Matthew L.
    Kalechofsky, Neal
    Belzer, Avrum
    Rosay, Melanie
    Kempf, James G.
    JOURNAL OF THE AMERICAN CHEMICAL SOCIETY, 2015, 137 (26) : 8428 - 8434
  • [22] Local Search: Is Brute-Force Avoidable?
    Fellows, Michael R.
    Rosamond, Frances A.
    Fomin, Fedor V.
    Lokshtanov, Daniel
    Saurabh, Saket
    Villanger, Yngve
    21ST INTERNATIONAL JOINT CONFERENCE ON ARTIFICIAL INTELLIGENCE (IJCAI-09), PROCEEDINGS, 2009, : 486 - 491
  • [23] A brute-force approach to vegetation classification
    Schmidtlein, Sebastian
    Tichy, Lubomir
    Feilhauer, Hannes
    Faude, Ulrike
    JOURNAL OF VEGETATION SCIENCE, 2010, 21 (06) : 1162 - 1171
  • [24] Local search: Is brute-force avoidable?
    Fellows, Michael R.
    Fomin, Fedor V.
    Lokshtanov, Daniel
    Rosamond, Frances
    Saurabh, Saket
    Villanger, Yngve
    JOURNAL OF COMPUTER AND SYSTEM SCIENCES, 2012, 78 (03) : 707 - 719
  • [25] PUMP CONTROLS FINESSE BRUTE-FORCE DESIGN
    BAGAT, A
    ORBAN, P
    HYDRAULICS & PNEUMATICS, 1985, 38 (05) : 53 - &
  • [26] Network Coding Delay: A Brute-Force Analysis
    Nistor, Maricica
    Barros, Joao
    Vieira, Fausto
    Vinhoza, Tiago T. V.
    Widmer, Joerg
    2010 INFORMATION THEORY AND APPLICATIONS WORKSHOP (ITA), 2010, : 39 - 43
  • [27] Centralized vs Decentralized Targeted Brute-Force Attacks: Guessing With Side-Information
    Salamatian, Salman
    Huleihel, Wasim
    Beirami, Ahmad
    Cohen, Asaf
    Medard, Muriel
    IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY, 2020, 15 : 3749 - 3759
  • [28] SSH and FTP brute-force Attacks Detection in Computer Networks: LSTM and Machine Learning Approaches
    Hossain, Md Delwar
    Ochiai, Hideya
    Doudou, Fall
    Kadobayashi, Youki
    2020 5TH INTERNATIONAL CONFERENCE ON COMPUTER AND COMMUNICATION SYSTEMS (ICCCS 2020), 2020, : 491 - 497
  • [29] A Brute-Force Algorithm for Reconstructing a Scene from Two Projections
    Enqvist, Olof
    Jiang, Fangyuan
    Kahl, Fredrik
    2011 IEEE CONFERENCE ON COMPUTER VISION AND PATTERN RECOGNITION (CVPR), 2011,
  • [30] Arnold: A Brute-Force Production Path Tracer
    Georgiev, Iliyan
    Ize, Thiago
    Farnsworth, Mike
    Montoya-Vozmediano, Ramon
    King, Alan
    Van Lommel, Brecht
    Jimenez, Angel
    Anson, Oscar
    Ogaki, Shinji
    Johnston, Eric
    Herubel, Adrien
    Russell, Declan
    Servant, Frederic
    Fajardo, Marcos
    ACM TRANSACTIONS ON GRAPHICS, 2018, 37 (03):
12345