Safeguarding academic accounts and resources with the University Credential Abuse Auditing System

IEEE/IFIP International Conference on Dependable Systems and Networks (DSN 2012) Pub Date : 2012-06-25 DOI:10.1109/DSN.2012.6263961

Jing Zhang, R. Berthier, Will Rhee, Michael Bailey, P. Pal, F. Jahanian, W. Sanders

{"title":"Safeguarding academic accounts and resources with the University Credential Abuse Auditing System","authors":"Jing Zhang, R. Berthier, Will Rhee, Michael Bailey, P. Pal, F. Jahanian, W. Sanders","doi":"10.1109/DSN.2012.6263961","DOIUrl":null,"url":null,"abstract":"Whether it happens through malware or through phishing, loss of one's online identity is a real and present danger. While many attackers seek credentials to realize financial gain, an analysis of the compromised accounts at our own institutions reveals that perpetrators often steal university credentials to gain free and unfettered access to information. This nontraditional motivation for credential theft puts a special burden on the academic institutions that provide these accounts. In this paper, we describe the design, implementation, and evaluation of a system for safeguarding academic accounts and resources called the University Credential Abuse Auditing System (UCAAS). We evaluate UCAAS at two major research universities with tens of thousands of user accounts and millions of login events during a two-week period. We show the UCAAS to be useful in reducing this burden, having helped the university security teams identify a total of 125 compromised accounts with zero false positives during the trail.","PeriodicalId":236791,"journal":{"name":"IEEE/IFIP International Conference on Dependable Systems and Networks (DSN 2012)","volume":"123 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2012-06-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"17","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"IEEE/IFIP International Conference on Dependable Systems and Networks (DSN 2012)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/DSN.2012.6263961","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 17

Abstract

Whether it happens through malware or through phishing, loss of one's online identity is a real and present danger. While many attackers seek credentials to realize financial gain, an analysis of the compromised accounts at our own institutions reveals that perpetrators often steal university credentials to gain free and unfettered access to information. This nontraditional motivation for credential theft puts a special burden on the academic institutions that provide these accounts. In this paper, we describe the design, implementation, and evaluation of a system for safeguarding academic accounts and resources called the University Credential Abuse Auditing System (UCAAS). We evaluate UCAAS at two major research universities with tens of thousands of user accounts and millions of login events during a two-week period. We show the UCAAS to be useful in reducing this burden, having helped the university security teams identify a total of 125 compromised accounts with zero false positives during the trail.

查看原文本刊更多论文

利用大学证书滥用审计制度保护学术帐户和资源

无论是通过恶意软件还是通过网络钓鱼，丢失一个人的在线身份都是一个真实而现实的危险。虽然许多攻击者寻求凭据来实现经济利益，但对我们自己机构的受损账户的分析表明，犯罪者经常窃取大学凭据来获得自由和不受限制的信息访问。这种非传统的证书盗窃动机给提供这些账户的学术机构带来了特殊的负担。在本文中，我们描述了一个被称为大学证书滥用审计系统(UCAAS)的保护学术账户和资源的系统的设计、实现和评估。我们对两所主要研究型大学的UCAAS进行了评估，在两周内使用了数万个用户帐户和数百万个登录事件。我们证明了UCAAS在减轻这一负担方面是有用的，它帮助大学安全团队在追踪过程中识别了总共125个被入侵的账户，并且零误报。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

IEEE/IFIP International Conference on Dependable Systems and Networks (DSN 2012)

自引率

0.00%

发文量