Preventing Pass-the-Hash and Similar Impersonation Attacks in Enterprise Infrastructures

2016 IEEE 30th International Conference on Advanced Information Networking and Applications (AINA) Pub Date : 2016-03-23 DOI:10.1109/AINA.2016.101

Alexander Oberle, Pedro Larbig, R. Marx, F. Weber, D. Scheuermann, D. Fages, F. Thomas

{"title":"Preventing Pass-the-Hash and Similar Impersonation Attacks in Enterprise Infrastructures","authors":"Alexander Oberle, Pedro Larbig, R. Marx, F. Weber, D. Scheuermann, D. Fages, F. Thomas","doi":"10.1109/AINA.2016.101","DOIUrl":null,"url":null,"abstract":"Industrial espionage through complex cyber attacks such as Advanced Persistent Threats (APT) is an increasing risk in any business segment. Combining any available attack vector professional attackers infiltrate their targets progressively, e.g. through combining social engineering with technical hacking. The most relevant targets of APT are internal enterprise and production networks providing access to top-secret information. This work focuses on preventing Pass-the-Hash, one of the biggest and most long-standing security flaws present in enterprise domain networks. The introduced approach can be applied further to make password theft pointless for attackers in general, and is capable of extending network protocols, that are unprotected by themselves, with approved security mechanisms. The protocols do not need to be modified and already existing network services can stay untouched when integrating the solution into enterprise infrastructures.","PeriodicalId":438655,"journal":{"name":"2016 IEEE 30th International Conference on Advanced Information Networking and Applications (AINA)","volume":"15 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2016-03-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"7","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2016 IEEE 30th International Conference on Advanced Information Networking and Applications (AINA)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/AINA.2016.101","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 7

Abstract

Industrial espionage through complex cyber attacks such as Advanced Persistent Threats (APT) is an increasing risk in any business segment. Combining any available attack vector professional attackers infiltrate their targets progressively, e.g. through combining social engineering with technical hacking. The most relevant targets of APT are internal enterprise and production networks providing access to top-secret information. This work focuses on preventing Pass-the-Hash, one of the biggest and most long-standing security flaws present in enterprise domain networks. The introduced approach can be applied further to make password theft pointless for attackers in general, and is capable of extending network protocols, that are unprotected by themselves, with approved security mechanisms. The protocols do not need to be modified and already existing network services can stay untouched when integrating the solution into enterprise infrastructures.

查看原文本刊更多论文

防止企业基础设施中的传递哈希和类似的模拟攻击

通过高级持续威胁(APT)等复杂网络攻击进行的工业间谍活动在任何业务部门都是日益增加的风险。结合任何可用的攻击向量，专业攻击者逐步渗透目标，例如通过将社会工程与技术黑客相结合。APT最相关的目标是提供绝密信息访问的企业内部和生产网络。这项工作的重点是防止传递哈希，这是企业域网络中存在的最大和最长期的安全漏洞之一。所引入的方法可以进一步应用，使密码盗窃对攻击者来说毫无意义，并且能够扩展网络协议，这些协议本身不受保护，具有经过批准的安全机制。在将解决方案集成到企业基础设施中时，不需要修改协议，并且可以保持现有的网络服务不变。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2016 IEEE 30th International Conference on Advanced Information Networking and Applications (AINA)

自引率

0.00%

发文量