中大機構典藏-NCU Institutional Repository-提供博碩士論文、考古題、期刊論文、研究計畫等下載:Item 987654321/95523
English  |  正體中文  |  简体中文  |  Items with full text/Total items : 80990/80990 (100%)
Visitors : 41645605      Online Users : 1438
RC Version 7.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
Scope Tips:
  • please add "double quotation mark" for query phrases to get precise results
  • please goto advance search for comprehansive author search
    •  Adv. Search
    HomeLoginUploadHelpAboutAdminister Goto mobile version


    Please use this identifier to cite or link to this item: http://ir.lib.ncu.edu.tw/handle/987654321/95523


    Title: ALP:一種在保持帳戶鎖定的同時解決帳 戶拒絕服務攻擊的解決方案;ALP: A Solution Solving Account Denial-of-Service while Maintaining Account Lock
    Authors: 何雋永;Ho, Chun-Yung
    Contributors: 資訊工程學系
    Keywords: 帳戶鎖定;阻斷服務攻擊;account lockout;Denial-of-Service
    Date: 2024-07-22
    Issue Date: 2024-10-09 16:55:28 (UTC+8)
    Publisher: 國立中央大學
    Abstract: 使用帳戶密碼進行驗證的登入方式廣泛應用於各種應用程式。
    然而,攻擊者可能通過自動化腳本對應用程序進行暴力破解攻擊。
    為了防止帳戶被惡意攻擊者破解並導致帳戶被接管,大多數應用程
    式都採取了帳戶鎖定政策。然而,帳戶鎖定政策也可能被用於阻斷
    服務攻擊,導致合法使用者無法訪問自己的帳戶。
    現有的解鎖方式在面對持續的帳戶阻斷服務攻擊時往往無法有
    效防範,甚至在 SSH 上也缺乏相關的解鎖方式。因此,需要一個解
    決方案,既能讓使用者正常訪問帳戶,又能保護使用者免於帳戶被
    反覆鎖定的風險。
    在這篇論文中,我們提出 ALP 來保護系統避免同時受到密碼破
    解和帳戶 DoS 攻擊。
    ;Password-based authentication is widely used in various applications.
    However, attackers may use automated scripts to perform brute force
    attacks on these applications.
    To prevent accounts from being compromised by malicious attackers,
    most applications implement account lockout policies. However, these
    account lockout policies can also be exploited for Denial-of-Service
    attacks, preventing legitimate users from accessing their accounts.
    Existing unlock mechanisms are often ineffective against sustained
    account lockout attacks and are even absent for services like SSH.
    Therefore, a solution is needed that allows users to access their accounts
    normally while protecting them from the risk of repeated account lockouts.
    In this paper, we propose Account Lock Protector (ALP) to defend a
    system against password cracking and account DoS simultaneously.
    Appears in Collections:[Graduate Institute of Computer Science and Information Engineering] Electronic Thesis & Dissertation

    Files in This Item:

    File Description SizeFormat
    index.html0KbHTML24View/Open


    All items in NCUIR are protected by copyright, with all rights reserved.

    社群 sharing

    ::: Copyright National Central University. | 國立中央大學圖書館版權所有 | 收藏本站 | 設為首頁 | 最佳瀏覽畫面: 1024*768 | 建站日期:8-24-2009 :::
    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - 隱私權政策聲明