SSH Keystroke Timing Attacks - PowerPoint PPT Presentation

About This Presentation

Title:

SSH Keystroke Timing Attacks

Description:

No problems, right? WRONG !! Maybe? su. UNIX 'Switch User' command (used to get ... No definite packet signature for calling ssh' How late(ncy) is your network ... – PowerPoint PPT presentation

Number of Views:83

Avg rating:3.0/5.0

Slides: 20

Provided by: ITCL3

Learn more at: https://www.cs.virginia.edu

Category:

Tags: ssh | attacks | keystroke | signature | timing

Transcript and Presenter's Notes

Title: SSH Keystroke Timing Attacks

1
SSH Keystroke Timing Attacks
Mike Hogye Thad Hughes Josh Sarfaty Joe Wolf
2
(No Transcript)
3
SSH
The Secure SHell protocol was created by Tatu
Ylönen and others to provide encrypted data
transfers between remote machines
MmmmSSH
4
SSH Weaknesses

SSH can leak information about passwords
Approximate length of password can be inferred by
examining number of packets.
Keystroke Timing Analysis can reduce the search
space for brute force attacks.

5
Password Keystroke Timing

Users type passwords often
Password keystrokes develop consistent rhythm due
to optimized hand motion
This rhythm can be used to determine
characteristics about the password

6
(No Transcript)
7
(No Transcript)
8
SSH Immediate Mode

Each keystroke is sent IMMEDIATELY from client to
server, one character per packet
Allows interactive user experience

9
Passwords SSH

SSH login does NOT used immediate mode
Password (and username) packets are padded to
fixed lengths
No problems, right?

WRONG !!
Maybe?
10
su

UNIX Switch User command (used to get root
access)
Executed in IMMEDIATE mode

SSH1 su command
11
Nested SSH

Start new SSH session from within a running SSH
session
Username and password sent to server B in
immediate mode

12
So What?

Password lengths can be determined
Reveals timing information of password keystrokes
Academically speaking, this is a lot of
information

13
Is This Practical?

How to detect an su command?
How to detect a nested SSH session?
Network latency

14
Detecting the su
I am a su

Look for the su signature
Not as easy as it sounds

SSH2 su command
15
SSH! (nested)

Theoretically similar to detecting su
In practice, much harder to detect
No definite packet signature for calling ssh

16
How late(ncy) is your network

Random network delay influences observed packet
times
Songs paper considered latency statistics
Determined that latency is not an issue
Used eight year old statistics
Songs estimated network latency 10 ms
Modern latency easily reaches 170 ms

17
Internet Latency
18
Conclusions

Song Timing analysis can reduce brute-force
password search by a factor of 50
In practice, this is unlikely
Use SSH2
PuTTY defaults to SSH1

19
(No Transcript)

Write a Comment

User Comments (0)

About PowerShow.com

Recommended Relevance Latest Highest Rated Most Viewed

Sort by:

Related More from user

CrystalGraphics Presentations

Introducing-PowerShowcom PowerPoint PPT Presentation

Introducing-PowerShowcom - Introducing-PowerShowcom (Without Music)

CrystalGraphics 3D Character Slides for PowerPoint PowerPoint PPT Presentation

CrystalGraphics 3D Character Slides for PowerPoint - CrystalGraphics 3D Character Slides for PowerPoint

Chart and Diagram Slides for PowerPoint PowerPoint PPT Presentation

Chart and Diagram Slides for PowerPoint - Beautifully designed chart and diagram s for PowerPoint with visually stunning graphics and animation effects. Our new CrystalGraphics Chart and Diagram Slides for PowerPoint is a collection of over 1000 impressively designed data-driven chart and editable diagram s guaranteed to impress any audience. They are all artistically enhanced with visually stunning color, shadow and lighting effects. Many of them are also animated. And they’re ready for you to use in your PowerPoint presentations the moment you need them. – PowerPoint PPT presentation

Related Presentations

Secure Shell PowerPoint PPT Presentation

Secure Shell - Secure Shell SSH. Tam Ngo. Steve Licking. cs265. Overview. Introduction. Brief History and Background of SSH. Differences between SSH-1 and SSH-2 ... | PowerPoint PPT presentation | free to view

Authers:dawn xiaodong song,david wagner xuqing tian publication:usenix security simposium 2001 presenter: hiral chhaya for cap 6133 PowerPoint PPT Presentation

Authers:dawn xiaodong song,david wagner xuqing tian publication:usenix security simposium 2001 presenter: hiral chhaya for cap 6133 - User establish SSH session between A and B. Another session from B to C ... Let the client send keystroke packets at a constant rate. Novel idea. Nice technique ... | PowerPoint PPT presentation | free to view

securing linux PowerPoint PPT Presentation

securing linux - securing linux attacks from the outside outside versus inside attacks from the outside have all the cool toys have all the notoriety attacks from the inside less ... | PowerPoint PPT presentation | free to view

Computer Crimes Examples of Network Security Attacks PowerPoint PPT Presentation

Computer Crimes Examples of Network Security Attacks - Introduced in August 1998 by Cult of the Dead Cow (cDc); Free from http://www.cultdeadcow.com ... gather passwords: dialup, network access, screensaver ... | PowerPoint PPT presentation | free to view

Chapter 8 Phase3: Gaining Access Using Network Attacks PowerPoint PPT Presentation

Chapter 8 Phase3: Gaining Access Using Network Attacks - ... switched LANs Injects traffic into the LAN to redirect victim s traffic to attacker Dsniff Active sniffer http://www.monkey.org/~dugsong/dsniff Runs on ... | PowerPoint PPT presentation | free to view

Case study: SSH PowerPoint PPT Presentation

Case study: SSH - Will concentrate on SSH-2 protocol ... http://www.ietf.org/html.charters/secsh-charter.html. See also http: ... blowfish-cbc RECOMMENDED Blowfish in CBC mode ... | PowerPoint PPT presentation | free to view

Case study: SSH PowerPoint PPT Presentation

Case study: SSH - Case study: SSH. Lecture Notes for 91.561. UMass Lowell Computer Science. David Martin ... blowfish-cbc RECOMMENDED Blowfish in CBC mode ... | PowerPoint PPT presentation | free to view

Security Introduction PowerPoint PPT Presentation

Security Introduction - ... notice of trust e.g. BT Trustwise on MFI's site - these are ... Records every keystroke you make whether you are sending an email or writing a word document ... | PowerPoint PPT presentation | free to view

SSH PowerPoint PPT Presentation

SSH - 3: VPN (1 specifically VPN tunneling via SSH) Added SSL since it fits some ... SSH2, F-Secure, and OpenSSH (& Cygwin) SSH2: command line only, ~10 sessions ... | PowerPoint PPT presentation | free to view

HACKED Kuala Lumpur, Malaysia PowerPoint PPT Presentation

HACKED Kuala Lumpur, Malaysia - Corporate Espionage, Password Stealing, IP Violation, Spying, etc. Tools: ... Yahoo, Amazon, Ebay, BUY.com brought down for more than 48 hours! ... | PowerPoint PPT presentation | free to view

MITHRIL: Adaptable Security for Survivability in Collaborative Computing Sites PowerPoint PPT Presentation

MITHRIL: Adaptable Security for Survivability in Collaborative Computing Sites - MITHRIL: Adaptable Security for Survivability in Collaborative Computing Sites NCSA: Von Welch, Jim Basney, Himanshu Khurana NRL CCS: Ken Hornstein | PowerPoint PPT presentation | free to view

Detecting Backdoors and Stepping Stones PowerPoint PPT Presentation

Detecting Backdoors and Stepping Stones - Two big headaches for intrusion detection. Ease of returning to a compromised system ... Standard service on non-standard port, or on standard port associated ... | PowerPoint PPT presentation | free to view

INFORMATION SECURITY LAW PowerPoint PPT Presentation

INFORMATION SECURITY LAW - Software: purchased or developed programs ... Hacking: intentional access without authorization or in excess of authorization ... | PowerPoint PPT presentation | free to view

An Introduction to Intrusion Detection/Prevention, Vulnerability Assessment and related Technologies PowerPoint PPT Presentation

An Introduction to Intrusion Detection/Prevention, Vulnerability Assessment and related Technologies - Essentially a combination of access control (firewall/router) and intrusion detection ... Worms, e.g. Blaster and MyDoom, that match a signature can be blocked. ... | PowerPoint PPT presentation | free to view

IC3 - Network Security PowerPoint PPT Presentation

IC3 - Network Security - An Introduction to Intrusion Detection and Vulnerability Assessment RHUL, 8-Dec-2003 Andreas Fuchsberger & Robert Christian, F.A.C.T.S. Group Agenda Basics ... | PowerPoint PPT presentation | free to view

Spyware PowerPoint PPT Presentation

Spyware - ... Spyware Worm Hack Spam Mail Cyber Attack ... Spamming ... | PowerPoint PPT presentation | free to view

CyberArk Interview Questions and Answers for 2022 PowerPoint PPT Presentation

CyberArk Interview Questions and Answers for 2022 - The CyberArk Certification is for Cybersecurity experts who want to enhance their learning skills in the critical identity and access management layer of security. CyberArk is a privileged access management company that provides the most comprehensive security solution for any identity, human or machine, across business apps, remote workforces, hybrid cloud workloads, and the DevOps lifecycle. | PowerPoint PPT presentation | free to view

CyberArk Interview Questions and Answers for 2023 PowerPoint PPT Presentation

CyberArk Interview Questions and Answers for 2023 - The CyberArk training develops your skills and provides the expertise needed to build, deploy, and configure the Privileged Account Security Solution. CyberArk course provides a variety of options to choose from. | PowerPoint PPT presentation | free to view

CyberArk Interview Questions and Answers for 2022 PowerPoint PPT Presentation

CyberArk Interview Questions and Answers for 2022 - CyberArk offers several training options to help individuals gain the knowledge and skills required to implement and administer CyberArk's privileged access security solutions. The CyberArk training develops your skills and provides the expertise needed to build, deploy, and configure the Privileged Account Security Solution. CyberArk course provides a variety of options to choose from. https://www.infosectrain.com/courses/cyberark-training/ | PowerPoint PPT presentation | free to view

OpenSSH Monitoring and Analysis for OpenSSH 5.x PowerPoint PPT Presentation

OpenSSH Monitoring and Analysis for OpenSSH 5.x - NERSC is supported by the Office of Advanced Scientific Computing ... No application reassembly vi and emacs provide a somewhat murky picture. Design Overview ... | PowerPoint PPT presentation | free to view

Corporate Profile - See if it becomes available again, or you can restart your computer. ... as 'How to find Windows NT passwords,' 'Hacking into Computers' & 'Easy Hacking' ... | PowerPoint PPT presentation | free to view

Cosc 4750 PowerPoint PPT Presentation

Cosc 4750 - Cosc 4750 Networking SNMP The Simple Network Management Protocol Can be used for gathering stat s and managing network hardware Some applications that been created ... | PowerPoint PPT presentation | free to view

Pakistan Nukes YouTube PowerPoint PPT Presentation

Pakistan Nukes YouTube - cgi-bin/phf?Qalias=x /bin/cat /etc/passwd is a newline ... It had a famous buffer overflow vulnerability that was exploited by the Slapper worm ... | PowerPoint PPT presentation | free to view

Detecting Stepping Stones PowerPoint PPT Presentation

Detecting Stepping Stones - Divide a Connection into several time windows and count character frequencies in ... time. Correlated OFF periods ... the number of OFF periods in each ... | PowerPoint PPT presentation | free to view

Operating System Security PowerPoint PPT Presentation

Operating System Security - Compromising a password gives an attacker a way to impersonate or hijack a user's identity ... Make sure to include management in this process ... | PowerPoint PPT presentation | free to view

Operating System Security PowerPoint PPT Presentation

Operating System Security - Attackers are well aware of the security vulnerabilities in operating systems ... than IIS, but still has possible vulnerabilities if not configured carefully ... | PowerPoint PPT presentation | free to view

CIT 016 Review for Final PowerPoint PPT Presentation

CIT 016 Review for Final - CIT 016 Review for Final Security+ Guide to Network Security Fundamentals Second Edition Defining Information Security Three characteristics of information must be ... | PowerPoint PPT presentation | free to view