Detecting plaintext recovery attack in secure shell (SSH)

Plaintext Recovery Attack is a new attack in security system world. It was discovered lately in the year of 2008. It is known that Secure Shell (SSH) connection is secure enough but this new discovered attack proved that there is vulnerability exist in SSH. Therefore, people need to aware of the att...

Full description

Saved in:
Bibliographic Details
Main Author: Ahmad Baidowi, Zaid Mujaiyid Putra
Format: Thesis
Language:English
Published: 2010
Subjects:
Online Access:http://eprints.utm.my/id/eprint/12076/4/ZaidMujaiyidPutraMFSKSM2010.pdf
Tags: Add Tag
No Tags, Be the first to tag this record!
id my-utm-ep.12076
record_format uketd_dc
spelling my-utm-ep.120762018-05-30T02:49:21Z Detecting plaintext recovery attack in secure shell (SSH) 2010-04 Ahmad Baidowi, Zaid Mujaiyid Putra QA75 Electronic computers. Computer science Plaintext Recovery Attack is a new attack in security system world. It was discovered lately in the year of 2008. It is known that Secure Shell (SSH) connection is secure enough but this new discovered attack proved that there is vulnerability exist in SSH. Therefore, people need to aware of the attack since it could harm computer systems and connection could be dropped. In this thesis, we proposed a new mechanism to detect the attack and alert the system user that the computer is being attacked. The methodology used is System Development Life Cycle (SDLC) by applying waterfall model. Study and analysis have been done to make sure that the all necessary information is gathered. A simple tool was developed and tested successfully to prove that the mechanism can be implemented. Input parameter is needed to simulate the attack since the attack is new. Block-by-block input parameter is sent through the SSH connection from source host to destination host. The destination host detects the attack by checking the end of block size. If the block is attacked, then the block size would be recognized as the first block. This tool helps computer users and administrators are aware of this kind of attack. The weaknesses of this new mechanism shows that it needs further research to tighten up the mechanism. 2010-04 Thesis http://eprints.utm.my/id/eprint/12076/ http://eprints.utm.my/id/eprint/12076/4/ZaidMujaiyidPutraMFSKSM2010.pdf application/pdf en public masters Universiti Teknologi Malaysia, Faculty of Computer Science and Information Systems Faculty of Computer Science and Information System
institution Universiti Teknologi Malaysia
collection UTM Institutional Repository
language English
topic QA75 Electronic computers
Computer science
spellingShingle QA75 Electronic computers
Computer science
Ahmad Baidowi, Zaid Mujaiyid Putra
Detecting plaintext recovery attack in secure shell (SSH)
description Plaintext Recovery Attack is a new attack in security system world. It was discovered lately in the year of 2008. It is known that Secure Shell (SSH) connection is secure enough but this new discovered attack proved that there is vulnerability exist in SSH. Therefore, people need to aware of the attack since it could harm computer systems and connection could be dropped. In this thesis, we proposed a new mechanism to detect the attack and alert the system user that the computer is being attacked. The methodology used is System Development Life Cycle (SDLC) by applying waterfall model. Study and analysis have been done to make sure that the all necessary information is gathered. A simple tool was developed and tested successfully to prove that the mechanism can be implemented. Input parameter is needed to simulate the attack since the attack is new. Block-by-block input parameter is sent through the SSH connection from source host to destination host. The destination host detects the attack by checking the end of block size. If the block is attacked, then the block size would be recognized as the first block. This tool helps computer users and administrators are aware of this kind of attack. The weaknesses of this new mechanism shows that it needs further research to tighten up the mechanism.
format Thesis
qualification_level Master's degree
author Ahmad Baidowi, Zaid Mujaiyid Putra
author_facet Ahmad Baidowi, Zaid Mujaiyid Putra
author_sort Ahmad Baidowi, Zaid Mujaiyid Putra
title Detecting plaintext recovery attack in secure shell (SSH)
title_short Detecting plaintext recovery attack in secure shell (SSH)
title_full Detecting plaintext recovery attack in secure shell (SSH)
title_fullStr Detecting plaintext recovery attack in secure shell (SSH)
title_full_unstemmed Detecting plaintext recovery attack in secure shell (SSH)
title_sort detecting plaintext recovery attack in secure shell (ssh)
granting_institution Universiti Teknologi Malaysia, Faculty of Computer Science and Information Systems
granting_department Faculty of Computer Science and Information System
publishDate 2010
url http://eprints.utm.my/id/eprint/12076/4/ZaidMujaiyidPutraMFSKSM2010.pdf
_version_ 1747814894948843520