Detecting SSH identity theft in HPC cluster environments using Self-organizing maps
Many of the attacks on computing clusters and grids have been performed by using stolen authentication passwords and unprotected SSH keys, therefore there is a need for a system that can detect intruders masquerading as ordinary users. Our assumption is that an attacker behaves significantly differe...
| Main Author: | |
|---|---|
| Format: | Others |
| Language: | English |
| Published: |
Linköpings universitet, Institutionen för systemteknik
2006
|
| Subjects: | |
| Online Access: | http://urn.kb.se/resolve?urn=urn:nbn:se:liu:diva-6818 |
| id |
ndltd-UPSALLA1-oai-DiVA.org-liu-6818 |
|---|---|
| record_format |
oai_dc |
| spelling |
ndltd-UPSALLA1-oai-DiVA.org-liu-68182018-01-14T05:13:47ZDetecting SSH identity theft in HPC cluster environments using Self-organizing mapsengLeufvén, ClaesLinköpings universitet, Institutionen för systemteknikInstitutionen för systemteknik2006SSH identity theftcluster securityintrusion detectionSelf organizingComputer and Information SciencesData- och informationsvetenskapMany of the attacks on computing clusters and grids have been performed by using stolen authentication passwords and unprotected SSH keys, therefore there is a need for a system that can detect intruders masquerading as ordinary users. Our assumption is that an attacker behaves significantly different compared to an ordinary user. Previous work in this area is for example statistical analysis of process accounting using Support Vector Machines. We can formalize this into a classification problem that we will solve with Self-organizing maps. The proposed system will work in a tier model that uses process accounting and SSH log messages as data sources. Student thesisinfo:eu-repo/semantics/bachelorThesistexthttp://urn.kb.se/resolve?urn=urn:nbn:se:liu:diva-6818application/pdfinfo:eu-repo/semantics/openAccess |
| collection |
NDLTD |
| language |
English |
| format |
Others
|
| sources |
NDLTD |
| topic |
SSH identity theft cluster security intrusion detection Self organizing Computer and Information Sciences Data- och informationsvetenskap |
| spellingShingle |
SSH identity theft cluster security intrusion detection Self organizing Computer and Information Sciences Data- och informationsvetenskap Leufvén, Claes Detecting SSH identity theft in HPC cluster environments using Self-organizing maps |
| description |
Many of the attacks on computing clusters and grids have been performed by using stolen authentication passwords and unprotected SSH keys, therefore there is a need for a system that can detect intruders masquerading as ordinary users. Our assumption is that an attacker behaves significantly different compared to an ordinary user. Previous work in this area is for example statistical analysis of process accounting using Support Vector Machines. We can formalize this into a classification problem that we will solve with Self-organizing maps. The proposed system will work in a tier model that uses process accounting and SSH log messages as data sources. |
| author |
Leufvén, Claes |
| author_facet |
Leufvén, Claes |
| author_sort |
Leufvén, Claes |
| title |
Detecting SSH identity theft in HPC cluster environments using Self-organizing maps |
| title_short |
Detecting SSH identity theft in HPC cluster environments using Self-organizing maps |
| title_full |
Detecting SSH identity theft in HPC cluster environments using Self-organizing maps |
| title_fullStr |
Detecting SSH identity theft in HPC cluster environments using Self-organizing maps |
| title_full_unstemmed |
Detecting SSH identity theft in HPC cluster environments using Self-organizing maps |
| title_sort |
detecting ssh identity theft in hpc cluster environments using self-organizing maps |
| publisher |
Linköpings universitet, Institutionen för systemteknik |
| publishDate |
2006 |
| url |
http://urn.kb.se/resolve?urn=urn:nbn:se:liu:diva-6818 |
| work_keys_str_mv |
AT leufvenclaes detectingsshidentitytheftinhpcclusterenvironmentsusingselforganizingmaps |
| _version_ |
1718610769117970432 |