Universiti Teknologi Malaysia Institutional Repository

Detecting plaintext recovery attack in secure shell (SSH)

Ahmad Baidowi, Zaid Mujaiyid Putra (2010) Detecting plaintext recovery attack in secure shell (SSH). Masters thesis, Universiti Teknologi Malaysia, Faculty of Computer Science and Information Systems.

[img] PDF
[img] PDF
[img] PDF


Plaintext Recovery Attack is a new attack in security system world. It was discovered lately in the year of 2008. It is known that Secure Shell (SSH) connection is secure enough but this new discovered attack proved that there is vulnerability exist in SSH. Therefore, people need to aware of the attack since it could harm computer systems and connection could be dropped. In this thesis, we proposed a new mechanism to detect the attack and alert the system user that the computer is being attacked. The methodology used is System Development Life Cycle (SDLC) by applying waterfall model. Study and analysis have been done to make sure that the all necessary information is gathered. A simple tool was developed and tested successfully to prove that the mechanism can be implemented. Input parameter is needed to simulate the attack since the attack is new. Block-by-block input parameter is sent through the SSH connection from source host to destination host. The destination host detects the attack by checking the end of block size. If the block is attacked, then the block size would be recognized as the first block. This tool helps computer users and administrators are aware of this kind of attack. The weaknesses of this new mechanism shows that it needs further research to tighten up the mechanism.

Item Type:Thesis (Masters)
Additional Information:Thesis (Sarjana Sains (Komputer Sains-Keselamatan maklumat)) - Universiti Teknologi Malaysia, 2010; Supervisor : Dr. Shukor Abdul Razak
Uncontrolled Keywords:plaintext recovery attack, security system, secure shell (SSH)
Subjects:Q Science > QA Mathematics > QA75 Electronic computers. Computer science
Divisions:Computer Science and Information System (Formerly known)
ID Code:12076
Deposited By: Ms Zalinda Shuratman
Deposited On:22 Feb 2011 07:24
Last Modified:02 Jul 2012 04:10

Repository Staff Only: item control page