期刊文献+
共找到2篇文章
< 1 >
每页显示 20 50 100
A Strategy for Middleman Attack Prevention in Remote Desktop Protocol 被引量:1
1
作者 何泾沙 徐琛 +1 位作者 张伊璇 周世义 《Journal of Shanghai Jiaotong university(Science)》 EI 2015年第1期82-85,共4页
This paper introduces the middleman attack methods which are against the remote desktop protocol(RDP),discusses advantages and disadvantages of several current mainstream prevention strategies,and puts forward a new p... This paper introduces the middleman attack methods which are against the remote desktop protocol(RDP),discusses advantages and disadvantages of several current mainstream prevention strategies,and puts forward a new prevention strategy.The strategy,taking advantage of the original key agreement process of the RDP,designs a piecewise authentication scheme of the key agreement.Using the strategy can achieve the purpose of prevention and detection of middleman attacks.Finally,the security of the strategy is analyzed. 展开更多
关键词 remote desktop protocol(RDP) key agreement middleman attack prevention and detection
原文传递
Advanced Persistent Threat Detection and Mitigation Using Machine Learning Model
2
作者 U.Sakthivelu C.N.S.Vinoth Kumar 《Intelligent Automation & Soft Computing》 SCIE 2023年第6期3691-3707,共17页
The detection of cyber threats has recently been a crucial research domain as the internet and data drive people’s livelihood.Several cyber-attacks lead to the compromise of data security.The proposed system offers c... The detection of cyber threats has recently been a crucial research domain as the internet and data drive people’s livelihood.Several cyber-attacks lead to the compromise of data security.The proposed system offers complete data protection from Advanced Persistent Threat(APT)attacks with attack detection and defence mechanisms.The modified lateral movement detection algorithm detects the APT attacks,while the defence is achieved by the Dynamic Deception system that makes use of the belief update algorithm.Before termination,every cyber-attack undergoes multiple stages,with the most prominent stage being Lateral Movement(LM).The LM uses a Remote Desktop protocol(RDP)technique to authenticate the unauthorised host leaving footprints on the network and host logs.An anomaly-based approach leveraging the RDP event logs on Windows is used for detecting the evidence of LM.After extracting various feature sets from the logs,the RDP sessions are classified using machine-learning techniques with high recall and precision.It is found that the AdaBoost classifier offers better accuracy,precision,F1 score and recall recording 99.9%,99.9%,0.99 and 0.98%.Further,a dynamic deception process is used as a defence mechanism to mitigateAPTattacks.A hybrid encryption communication,dynamic(Internet Protocol)IP address generation,timing selection and policy allocation are established based on mathematical models.A belief update algorithm controls the defender’s action.The performance of the proposed system is compared with the state-of-the-art models. 展开更多
关键词 Advanced persistent threats lateral movement detection dynamic deception remote desktop protocol Internet protocol attack detection
下载PDF
上一页 1 下一页 到第
使用帮助 返回顶部