An investigation of the current situation regarding SSH related attacks by the use of Kippo honeypots
Independent thesis Basic level (degree of Bachelor), 10 credits / 15 HE creditsStudent thesis
This report investigated the current situation regarding attacks targeting the SSH protocol. The study included Kippo SSH honeypots that were deployed in a residential- and campus environment for a duration of 31 days. As part of the study a comparison between these environments was done to identify differences and similarities. A similar comparison was made with related studies in order to view tendencies and trends. Important data that was extracted and examined were the scale of the attacks, username/password combinations, attack activity over time and the sources of the attacks.
The results from our study showed that attacks targeting SSH has increased compared to similar studies. Minor changes were identified in regards to used username/password and the geo-location of attacking IPs. The results from the comparison between the two environments showed that the residential honeypot was much more targeted than the campus honeypot.
Place, publisher, year, edition, pages
2015. , 32 p.
Honeypot, cybercrime, kippo, statistics, SSH
Engineering and Technology
IdentifiersURN: urn:nbn:se:hv:diva-8840Local ID: EDT501OAI: oai:DiVA.org:hv-8840DiVA: diva2:886079
Subject / course