Jianzhou You, Bozhong Liu, Yang Wang, Laiyoumei Jiang
{"title":"使用长期蜜罐数据跟踪密码泄露的流行程度","authors":"Jianzhou You, Bozhong Liu, Yang Wang, Laiyoumei Jiang","doi":"10.1117/12.2682267","DOIUrl":null,"url":null,"abstract":"Passwords are critical issues in the world of cyber security. Unfortunately, despite best efforts, passwords continue to be compromised and leaked onto the Internet, leading to an alarming number of compromised passwords in circulation. In this study, we compare honeypot-captured data from 2021 and 2023 to measure the prevalence of compromised passwords in real-world cyberattacks. Specially, we designed and deployed an online SSH honeypot on the cloud server to capture the latest cyber intelligence in the wild. Our findings show that over 90% of brute force attacks involve the use of compromised passwords, indicating a high level of password vulnerability. Additionally, we observe that the effectiveness of strong-password policies in mitigating such attacks appears limited. This study highlights the need for better password security strategies to counter the high prevalence of compromised passwords in cyberattacks.","PeriodicalId":177416,"journal":{"name":"Conference on Electronic Information Engineering and Data Processing","volume":"32 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2023-05-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Tracking the prevalence of compromised passwords using long-term honeypot data\",\"authors\":\"Jianzhou You, Bozhong Liu, Yang Wang, Laiyoumei Jiang\",\"doi\":\"10.1117/12.2682267\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Passwords are critical issues in the world of cyber security. Unfortunately, despite best efforts, passwords continue to be compromised and leaked onto the Internet, leading to an alarming number of compromised passwords in circulation. In this study, we compare honeypot-captured data from 2021 and 2023 to measure the prevalence of compromised passwords in real-world cyberattacks. Specially, we designed and deployed an online SSH honeypot on the cloud server to capture the latest cyber intelligence in the wild. Our findings show that over 90% of brute force attacks involve the use of compromised passwords, indicating a high level of password vulnerability. Additionally, we observe that the effectiveness of strong-password policies in mitigating such attacks appears limited. This study highlights the need for better password security strategies to counter the high prevalence of compromised passwords in cyberattacks.\",\"PeriodicalId\":177416,\"journal\":{\"name\":\"Conference on Electronic Information Engineering and Data Processing\",\"volume\":\"32 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2023-05-26\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Conference on Electronic Information Engineering and Data Processing\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1117/12.2682267\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Conference on Electronic Information Engineering and Data Processing","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1117/12.2682267","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Tracking the prevalence of compromised passwords using long-term honeypot data
Passwords are critical issues in the world of cyber security. Unfortunately, despite best efforts, passwords continue to be compromised and leaked onto the Internet, leading to an alarming number of compromised passwords in circulation. In this study, we compare honeypot-captured data from 2021 and 2023 to measure the prevalence of compromised passwords in real-world cyberattacks. Specially, we designed and deployed an online SSH honeypot on the cloud server to capture the latest cyber intelligence in the wild. Our findings show that over 90% of brute force attacks involve the use of compromised passwords, indicating a high level of password vulnerability. Additionally, we observe that the effectiveness of strong-password policies in mitigating such attacks appears limited. This study highlights the need for better password security strategies to counter the high prevalence of compromised passwords in cyberattacks.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
