DocumentCode :
2445704
Title :
Lightweight protection against brute force login attacks on Web applications
Author :
Adams, Carlisle ; Jourdan, Guy-Vincent ; Levac, Jean-Pierre ; Prevost, François
Author_Institution :
Sch. of Inf. Technol. & Eng., Univ. of Ottawa, Ottawa, ON, Canada
fYear :
2010
fDate :
17-19 Aug. 2010
Firstpage :
181
Lastpage :
188
Abstract :
Password-based systems and, more generally, authentication systems based on something you know, are commonplace on the Internet. Web applications using these systems can be the target of brute force login attacks, in which an attacker tries to compromise a given account or any user account on the system. These applications rarely implement effective protection mechanisms against these attacks. In this paper, we review the situation and propose a practical, simple, security mechanism. Our system is non-intrusive and can be incorporated into most web applications with very little modification to the application code.
Keywords :
Internet; message authentication; Internet; Web applications; authentication systems; brute force login attacks; lightweight protection; password-based systems; Authentication; Computer crime; Databases; Electronic mail; Force; IP networks; brute force attacks; denial of service; trawling attacks; web applications;
fLanguage :
English
Publisher :
ieee
Conference_Titel :
Privacy Security and Trust (PST), 2010 Eighth Annual International Conference on
Conference_Location :
Ottawa, ON
Print_ISBN :
978-1-4244-7551-3
Electronic_ISBN :
978-1-4244-7549-0
Type :
conf
DOI :
10.1109/PST.2010.5593241
Filename :
5593241
Link To Document :
https://search.ricest.ac.ir/dl/search/defaultta.aspx?DTC=49&DC=2445704
بازگشت