Kex-Filtering: A Proactive Approach to Filtering

Fabrizio Baiardi; Filippo Boni; Giovanni Braccini; Emanuele Briganti; Luca Deri; Luca Deri

Research.Publish.Connect.

*Please fill out at least one Field. *Value must be an number!

Title:
ISBN:
Year:
Acronym:
Subject:

Advanced Search Proceedings Search

If you're looking for an exact phrase use quotation marks on text fields.

*Please fill out at least one Field.

Title:
Author:
Affiliation:
Subject:

Advanced Search Papers Search

If you're looking for an exact phrase use quotation marks on text fields.

*Please fill out at least one Field.

Name:
Affiliation:
Country:
Conference:
Subject:

Advanced Search Authors Search

If you're looking for an exact phrase use quotation marks on text fields.

*Please fill out at least one Field.

Name:
Country:
Subject:

Advanced Search Affiliations Search

If you're looking for an exact phrase use quotation marks on text fields.

Proceedings

Proceedings Search *Please fill out at least one Field. *Value must be an number!

Title:
ISBN:
Year:
Acronym:
Subject:

Advanced Search Proceedings Search

If you're looking for an exact phrase use quotation marks on text fields.

Papers

Papers Search *Please fill out at least one Field.

Title:
Author:
Affiliation:
Subject:

Advanced Search Papers Search

If you're looking for an exact phrase use quotation marks on text fields.

Authors

Authors Search *Please fill out at least one Field.

Name:
Affiliation:
Country:
Conference:
Subject:

Advanced Search Authors Search

If you're looking for an exact phrase use quotation marks on text fields.

Advanced Search

Paper

Kex-Filtering: A Proactive Approach to Filtering

Topics: Intrusion Detection & Prevention; Network Security; Security and Privacy in the Cloud; Security Protocols

In Proceedings of the 21st International Conference on Security and Cryptography SECRYPT - Volume 1, 528-535, 2024 , Dijon, France

Authors: Fabrizio Baiardi ¹ ; Filippo Boni ¹ ; Giovanni Braccini ¹ ; Emanuele Briganti ² and Luca Deri ^{1

;

3}

Affiliations: ¹ Dip. di Informatica, Universita di Pisa, Largo Bruno Pontecorvo, Pisa, Italy ; ² ReeVo Cloud & Cyber Security, Italy ; ³ Ntop, Italy

Keyword(s): IP Blacklist, Hash, Botnet, Hassh, SSH Configuration, Honeypot, Network Fingerprint.

Abstract: Kex-Filtering is a method to identify malicious nodes by analyzing their configuration when they try to connect as clients to an SSH server. The process adopts the hassh hashing network fingerprinting standard to discover and record the distinct configurations of malicious SSH clients. The method computes an MD5 hash during the SSH handshake when the client and server exchange their SSH configurations, including a specific range of algorithms to establish a secure SSH channel. Kex-Filtering fully exploits that, to simplify botnet management, a large number of nodes of a botnet share the same configuration of their SSH clients. Experimental data collected through honeypots confirm that Kex-Filtering stops a large percentage of attacks and it results in a very low number of false positives and negatives even when using few hashes.

CC BY-NC-ND 4.0

Guest: Register as new SciTePress user now for free.

SciTePress user: please login.

My Papers

You are not signed in, therefore limits apply to your IP address 13.58.247.196

In the current month:

Recent papers: 100 available of 100 total

2⁺ years older papers: 200 available of 200 total

Paper citation in several formats:

Baiardi, F., Boni, F., Braccini, G., Briganti, E. and Deri, L. (2024). Kex-Filtering: A Proactive Approach to Filtering. In Proceedings of the 21st International Conference on Security and Cryptography - SECRYPT; ISBN 978-989-758-709-2; ISSN 2184-7711, SciTePress, pages 528-535. DOI: 10.5220/0012788700003767

@conference{secrypt24,
author={Fabrizio Baiardi and Filippo Boni and Giovanni Braccini and Emanuele Briganti and Luca Deri},
title={Kex-Filtering: A Proactive Approach to Filtering},
booktitle={Proceedings of the 21st International Conference on Security and Cryptography - SECRYPT},
year={2024},
pages={528-535},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0012788700003767},
isbn={978-989-758-709-2},
issn={2184-7711},
}

TY - CONF

JO - Proceedings of the 21st International Conference on Security and Cryptography - SECRYPT
TI - Kex-Filtering: A Proactive Approach to Filtering
SN - 978-989-758-709-2
IS - 2184-7711
AU - Baiardi, F.
AU - Boni, F.
AU - Braccini, G.
AU - Briganti, E.
AU - Deri, L.
PY - 2024
SP - 528
EP - 535
DO - 10.5220/0012788700003767
PB - SciTePress