Dissertations / Theses on the topic 'Dictionary Attacks'

Password cracking based on dictionary attacks have been confined only to the use of dictionary strings which make sense to both humans and the computer or are usually alphanumeric keyboard patterns. But here we also try to extend the dictionary attacks to homophones which the millennials tend to use more often. The word LOVE is used as LUV, LAV. Based on the pronunciation of a word there can be many spellings to it. Phoneme to Grapheme Correspondences have a great amount of significance here. So here in this research we try to incorporate all such words in the attacking dictionary with the highest possible probabilities to see if it has any impact on the password cracking efficiency. We use the probabilistic context-free grammar password cracker to see what our test results yield.

Existing research suggests that it is possible to detect dictionary attacks using IP flows. This type of detection was successfully implemented for SSH, LDAP and RDP protocols. To determine whether it is possible to use the same methods of detection for e-mail protocols virtual test environment was created. I deduced the characteristics of attacks in flows from the data, which I gained from this virtual environment. Than I chose the statistical value that separates the attacks from legitimate traffic. Variance of specific flow parameters was chosen as main characteristic of attacks. IP addresses with flows that have small variance of chosen parameters and high frequency of packet arrival are considered untrustworthy. Variance is calculated from IP history to rule out false positives. The IP history of legitimate user contains variation of flows which prevents marking this IP address as dangerous. On the basis of this principal the script, which detects the attacks from the nfdump output, was created. The success of detection of the attacks was tested on classificated data from the real environment. The results of tests showed, that with good configuration of marginal values the percentage of detected attacks is high and there are no false positives. Detection is not limited only on mail protocols. With regard to universal design, the script is able to detect dictionary attacks on SSH, LDAP, SIP, RDP, SQL, telnet and some other attacks.

Internet users are increasingly required to sign up for online services and establish accounts before receiving service from websites. On the one hand, generation of strong usernames and passwords is a difficult task for the user. On the other hand, memorization of strong passwords is by far more problematic for the average user. Thus, the average user has a tendency to use weak passwords, and also reuse his passwords for more than one website, which makes several attacks feasible. Under the aforementioned circumstances, the use of password managers is beneficial, since they unburden the user from the task of memorizing user credentials. However, password managers have a number of weaknesses. This thesis is mainly aimed at alleviating some of the intrinsic weaknesses of password managers. We propose three cryptographic protocols which can improve the security of password managers while enhancing user convenience. We also present the design of a phishing and Man-in-the-Browser resistant password manger which best fits into our scheme. Furthermore, we present our novel virtual on-screen keyboard and keypad which are designed to provide strong protection mechanisms against threats such as keylogging and shoulder surfing.

SQL Injections are still a prominent threat on the web. Using a custom built tool, BlindCanSeeQL (BCSQL), we will explore how to automate Blind SQL attacks to discover database schema using fewer requests than the standard methods, thus helping avoid detection from overloading a server with hits. This tool uses a web crawler to discover keywords that assist with autocompleting schema object names, along with improvements in ASCII bisection to lower the number of requests sent to the server. Along with this tool, we will discuss ways to prevent and protect against such attacks.

This thesis is focused on developing a tool that is capable of generating cyber attacks. In the opening there are introduced some attacks using the ISO/OSI application layer protocols. Specifically, these are attacks known as Slowloris, RUDY, Slow Read, HTTP flood, and dictionary attack on the SSH. These attacks are implemented into an existing DoSgen Linux tool that already contains several famous network attacks. The main part of the thesis is devoted to the description of the tool and to the implementation of its own extension. The created tool is practically tested in an experimental enviroment against the Apache web server. Part of the thesis is the documentation for the improved DoSgen tool.

The focus of this report is to discuss graphical password systems and how they can contribute to handle security problems that threaten authentication processes. One such threat is shoulder-surfing attacks, which are also reviewed in this report. Three already existing systems that are claimed to be shoulder-surfing resilient are described and a new proposed system is presented and evaluated through a user study. Moreover, the system is compared to the mentioned existing systems to further evaluate the usability, memorability and the time it takes to authenticate. The user study shows that test subjects are able to remember their chosen password one week after having registered and signed in once. It is also shown that the average time to sign in to the system after five minutes of practice is within a range of 3.30 to 5.70 seconds. The participants in the experiments gave the system an average score above 68 on the System Usability Scale, which is the score of an average system.

Abstract Carbon emissions pose a serious threat to the continued survival of this planet. All sectors of society must, therefore, lower their emissions, this includes the steel industry. The production of steel is based on iron ore reduction by carbon. In an attempt to relieve the steel industry from its inherent fossil dependence an initiative called HYBRIT has been started. It aims to supplant carbon reduction with hydrogen reduction. Currently, there is no economically viable industrial production of steel that uses fossil-free hydrogen as reduction agent. In order to create economic viability for such a process work has to be conducted to innovate and optimize. This study aims to be a part of that optimization process by creating a tool for optimizing the slag system with regards to phosphorus removal. 26843 slag compositions were evaluated using modules written in “Matlab” combined with “Thermo-Calc”. 1583 possible slag compositions were found to be suitable for phosphorus removal. These compositions were then optimized after slag weight in order to minimize slag associated cost. The compositions were tested against two theoretical raw materials with varying initial phosphorus content 250 ppm and 125 ppm. It was found that the initial phosphorus concentration of the raw material has a substantial impact not only on the slag costs but also the slag praxis that should be used.

This Thesis deals with analysis of the possiblity of password breakthrough for common compression formats and password extraction from self-extraction archives used for malicious software. Structure of compression programs, ciphers and connection between cipher and archives is described. Common and specialized attacks on archives and ciphers are described. Structure of self-extracting archives and password location is used to create extractor of passwords in self-extracting archives.

This master thesis deals with ways to store passwords in current operating systems. Specifically, this work focuses on Windows, Linux, BSD and OS X. These systems are examined for ways of hashing passwords and on resistance of resulting hashes against various attacks. First (theoretical) section describes the procedures and algorithms that are needed for user authentication. This part also describes methods of hash storing. At the end of the theoretical part are generally described some possible attacks against hash functions. In second (practical) part is described and tested tools for obtaining hashes of the investigated operating systems. Subsequently practical attacks were conducted against obtained hashes by using appropriate tools. Furthermore there are presented results of the attacks. In the conclusion of the work there is a comparison of tools and methods which were used to obtain plaintext passwords from operating systems.

This thesis describes passwords cracking using probabilistic context-free grammars, specifically PCFG Cracker tool. The aim of the thesis is to design and implement enhancements to this tool, which reduce the size of output dictionaries while maintaining acceptable success rate. This work also solves critical parts in the tool that slow down the overall duration of the program. Another goal of the thesis is to analyze and implement targeted attack dictionaries that increase the scope and success rate of generated passwords.

Master thesis focuses on wireless network security. The thesis is divided in two parts. First part describes today’s used standards and their components, topology and security methods as stealth SSID, MAC addresses filtration, WEP, WPA and WPA2. The last three methods are described in detail. In second part there are realized attacks on above described methods of security. There are described attacks on WEP as KoreK chopchop attack, fragment attack, attack FMS, KoreK and attack PTW. Then is described the dictionary attack on passphrase by WPA/WPA2 with PreShared Key authentication obtaining, precomputed hash tables for faster passphrase finding and for using more core procesors during dictionary browsing. The last attack describes obtaining of keystream used for encrypting of frames by WPATKIP and then sending custom data to client. It is described how to carry out each attack and how to protect against them.

Every website, computer and IT system have users who need to verify their identity throughauthentication. The most common form of authentication today is to apply an alphanumericpassword. Passwords are often based on biographical information that can be derived from the userhimself and common elements that are usually utilized while creating passwords are names, petnames, family related, and date of birth. While passwords today are often based on the individual'sbiographical elements, the police have problems cracking encrypted devices because it takes a longtime and is complex to identify the correct password among all possible combinations. This problemis the basis for the work and is the reason why this model for how biographical dictionaries should bestructured and contain is created. To design the model, a literature review has been carried outwhere elements have been defined and a structure formed. Interviews with IT forensics from thepolice and NFC were then held to refine the different elements and structure of the initial model andto create a reality anchor. The result of this work is a product in the form of a model that can be usedto create biographical dictionaries based on target people. The model demonstrates whichbiographical elements are relevant for finding potential passwords. The conclusion drawn is that themodel can facilitate the work of the police and IT forensics when it comes to cracking people'sbiographical passwords. By using a dictionary that is built with the model, time-consuming attackssuch as brute-force attacks or more general dictionary attacks do not need to be applied.
Till varje hemsida, dator och IT-system finns användare som behöver verifiera sin identitet genomautentisering. Den vanligaste formen av autentisering är idag att applicera ett alfanumerisktlösenord. Lösenord bygger ofta på biografiska uppgifter som kan härledas från användaren själv ochvanliga element som brukar användas vid lösenordsgenerering är: namn, husdjursnamn, familj ochfödelsedatum. Samtidigt som lösenord idag ofta bygger på individens biografiska element har polisenproblem att knäcka krypterade enheter på grund av att det tar lång tid och är väldigt komplext attidentifiera rätt lösenord bland alla möjliga kombinationer. Detta problem ligger till grund för arbetetsamt är orsaken till varför denna modell för hur biografiska ordböcker ska vara strukturerade ochinnehålla skapas. För att utforma modellen har en litteraturöversikt genomförts där element hardefinierats och en struktur formats. Intervjuer med IT-forensiker från polisen och NFC hölls därefterför att förädla den initiala modellens olika element och struktur samt att skapa enverklighetsförankring. Resultatet av detta arbete är en slutprodukt i form av en modell som går attnyttja för att skapa biografiska ordböcker utifrån målpersoner. Modellen påvisar vilka biografiskaelement som är relevanta för att hitta potentiella lösenord. Slutsatsen som dras gör gällande attmodellen kan underlätta polisens och IT-forensikers arbete när det kommer till att knäcka personersbiografiska lösenord. Genom att nyttja en ordbok som är uppbyggd med modellen behöver intetidskrävande angrepp som ”brute force” attacker eller mer generella ordboksattacker appliceras.

Detta examensarbete är en utvärdering av nätverkssäkerheten hos J BiL AB, både på social och teknisk nivå. Företaget är beroende av säkra Internet-anslutningar för att nå externa tjänster och interna servrar lokaliserade på olika geografiska platser. Företaget har ingen IT-ansvarig som aktivt underhåller och övervakar nätverket, utan konsulterar ett externt dataföretag. Syftet med examensarbetet är att utvärdera säkerheten, upptäcka brister, ge förbättringsförslag och till viss del implementera lösningar. För att undersöka säkerheten har observationer och intervjuer med personalen gjorts och ett flertal attacker mot nätverket har utförts. Utifrån den data som samlats in kunde slutsatsen dras att företaget har brister vad gäller IT-säkerheten. Framförallt den sociala säkerheten visade sig ha stora luckor vilket till stor del beror på att de anställda varken har blivit utbildade eller fått någon information om hur de ska hantera lösenord, datorer och IT-frågor i allmänt. Förbättringsförslag har getts och viss implementation har genomförts för att eliminera bristerna. De anställda har även med hjälp av en IT-policy och föreläsning blivit utbildade i hur de ska agera och tänka kring IT-relaterade säkerhetsfrågor.
The aim of this project is to evaluate the network security at J Bil AB. The focus will be on both social and technical issues. For the employees to be able to con-nect to remote servers and external services and perform their daily work tasks, secure connections is needed. J Bil Ab has no IT manager who actively maintains and monitors the network; rather they consult a computer company when changes and implementations are required. The projects’ goal is to identify gaps, come up with suggestions for improvement and to some extent implement so-lutions. To do this, an observation of the employees hav been made, an inter-view have been held, and several attacks on the network have been performed. Based on the data collected, it was concluded that the company has shortcom-ings in IT security. Above all, the social security appeared to have major gaps in it and that is mainly because the lack of knowledge among the employees and they have never been informed of how to manage their passwords, computers and IT issues in general. Suggestions for improvement have been given and some implementations have been performed to eliminate the deficiencies.

碩士
國立高雄大學
亞太工商管理學系碩士班
97
With the rapid growth of technology, there are many applications system needs to authenticate in the Internet environment. User account and password is a simply and general way for authentication in network. The dictionary attack means that attackers attempt to login some user accounts illegally by trying all possible password. There are a lot of login failed SSH service login records in the system authentication logs file, that become a usually situation on the Taiwan Academic Network environment. It implies that dictionary attack is a serious intrusive event. In this paper, we propose a classification-based detection module to detect SSH dictionary attack. We used three data mining classification algorithms, Naïve Bayes, decision tree and SVM to build our SSH dictionary attack detection module. We collected real world NetFlow traffic data in a month as our training samples to build our detection system. Our empirical evaluation results show that the proposed detection module reaches above 90% detection accuracy. Further, we used detection module and NetFlow history data to develop the SSH dictionary attack tracking algorithm. We try to find out the topology of IP address that launched SSH dictionary attack, and try to trace back the origin of SSH dictionary attacker. This research result that could be helps the network managers to detect implicit dictionary attack behaviors to improve the network security.

The practice of spamming (sending unsolicited electronic communications) has been dubbed “the scourge of the 21st century” affecting different stakeholders. This practice is also credited for not only disrupting electronic communications but also, it overloads electronic systems and creates unnecessary costs for those affected than the ones responsible for sending such communications. In trying to address this issue nations have implemented anti-spam laws to combat the scourge. South Africa not lagging behind, has put in place anti-spam provisions to deal with the scourge. The anti-spam provisions are scattered in pieces of legislation dealing with diverse issues including: consumer protection; direct marketing; credit laws; and electronic transactions and communications. In addition to these provisions, an Amendment Bill to one of these laws and two Bills covering cybercrimes and cyber-security issues have been published. In this thesis, a question is asked on whether the current fragmented anti-spam provisions are adequate in protecting consumers. Whether the overlaps between these pieces of legislation are competent to deal with the ever increasing threats on electronic communications at large. Finally, the question as to whether a multi-faceted approach, which includes a Model Law on spam would be a suitable starting point setting out requirements for the sending of unsolicited electronic communications can be sufficient in protecting consumers. And as spam is not only a national but also a global problem, South Africa needs to look at the option of entering into mutual agreements with other countries and organisations in order to combat spam at a global level.
Mercantile Law
LL. D.