Detecting plaintext recovery attack in secure shell (SSH)
Plaintext Recovery Attack is a new attack in security system world. It was discovered lately in the year of 2008. It is known that Secure Shell (SSH) connection is secure enough but this new discovered attack proved that there is vulnerability exist in SSH. Therefore, people need to aware of the att...
Saved in:
| Main Author: | |
|---|---|
| Format: | Thesis |
| Language: | English |
| Published: |
2010
|
| Subjects: | |
| Online Access: | http://eprints.utm.my/id/eprint/12076/4/ZaidMujaiyidPutraMFSKSM2010.pdf |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Summary: | Plaintext Recovery Attack is a new attack in security system world. It was discovered lately in the year of 2008. It is known that Secure Shell (SSH) connection is secure enough but this new discovered attack proved that there is vulnerability exist in SSH. Therefore, people need to aware of the attack since it could harm computer systems and connection could be dropped. In this thesis, we proposed a new mechanism to detect the attack and alert the system user that the computer is being attacked. The methodology used is System Development Life Cycle (SDLC) by applying waterfall model. Study and analysis have been done to make sure that the all necessary information is gathered. A simple tool was developed and tested successfully to prove that the mechanism can be implemented. Input parameter is needed to simulate the attack since the attack is new. Block-by-block input parameter is sent through the SSH connection from source host to destination host. The destination host detects the attack by checking the end of block size. If the block is attacked, then the block size would be recognized as the first block. This tool helps computer users and administrators are aware of this kind of attack. The weaknesses of this new mechanism shows that it needs further research to tighten up the mechanism. |
|---|