On Attacking Kerberos Authentication Protocol in Windows Active Directory Services: A Practical Survey
Autor:
Díaz Motero, Carlos
; Bermejo Higuera, Juan Ramón
; Bermejo-Higuera, Javier
; Sicilia, Juan Antonio
; Gámez, Nádia
Fecha:
2021Palabra clave:
Revista / editorial:
Institute of Electrical and Electronics Engineers Inc.Tipo de Ítem:
articleDirección web:
https://ieeexplore.ieee.org/document/9501961/authors#authorsResumen:
Organizations use Active Directory Windows service to authenticate users in a network with the extended Kerberos Authentication protocol. Therefore, it is necessary to investigate its resistance to the different types of attacks it can suffer, the best way to detect them and to parameterize it to mitigate the effects of the attacks. This work analyzes the main Kerberos attacks in Active Directory Windows networks, inherent in the design of the protocol and not resolved. For each attack the objective is studied, implementation is developed in a virtual laboratory and detection is analyzed, proposing measures for mitigation and response. Subsequently, they are discussed in a general way and the results of the attacks are analyzed according to some parameters. As conclusions of the work carried out, it should be noted that although the attacks are mostly difficult to implement, their detection is even more complicated, and the damage is very severe so it's necessary to continuously monitor the logs in these environments to detect them and taking into account strict recommendations for mitigation and response.
Este ítem aparece en la(s) siguiente(s) colección(es)
Estadísticas de uso
Año |
2012 |
2013 |
2014 |
2015 |
2016 |
2017 |
2018 |
2019 |
2020 |
2021 |
2022 |
2023 |
2024 |
Vistas |
0 |
0 |
0 |
0 |
0 |
0 |
0 |
0 |
0 |
0 |
65 |
64 |
113 |
Descargas |
0 |
0 |
0 |
0 |
0 |
0 |
0 |
0 |
0 |
0 |
0 |
0 |
0 |
Ítems relacionados
Mostrando ítems relacionados por Título, autor o materia.
-
The application of blockchain algorithms to the management of education certificates
Maestre, Raúl Jaime; Bermejo-Higuera, Javier; Gámez, Nádia; Bermejo Higuera, Juan Ramón; Sicilia, Juan Antonio; Orcos, Lara (Evolutionary Intelligence, 2023)Blockchain is a new application technology in many sectors and the same is true in the world of education. Therefore, there is an increasingly emerging need to research blockchain technology, as it is still taking its first ... -
Systematic Approach to Malware Analysis (SAMA)
Bermejo-Higuera, Javier; Abad-Aramburu, Carlos; Bermejo Higuera, Juan Ramón; Sicilia Urban, Miguel Ángel; Sicilia, Juan Antonio (Applied Sciences, 02/2020)Malware threats pose new challenges to analytic and reverse engineering tasks. It is needed for a systematic approach to that analysis, in an attempt to fully uncover their underlying attack vectors and techniques and find ... -
MMALE a methodology for malware analysis in linux environments
de Vicente Mohino, José Javier ; Bermejo-Higuera, Javier; Bermejo Higuera, Juan Ramón; Sicilia, Juan Antonio ; Sánchez Rubio, Manuel ; Martínez Herraiz, José-Javier (Computers, materials and continua, 2021)In a computer environment, an operating systemis prone to malware, and even the Linux operating system is not an exception. In recent years, malware has evolved, and attackers have becomemore qualified compared to a fewyears ...