| IEEE Access | |
| On Attacking Kerberos Authentication Protocol in Windows Active Directory Services: A Practical Survey | |
| Nadia Gamez Gomez1 Carlos Diaz Motero1 Javier Bermejo Higuera1 Juan Antonio Sicilia Montalvo2 Juan Ramon Bermejo Higuera2 | |
| [1] Escuela Superior de Ingeniería y Tecnología, Universidad Internacional de La Rioja, Logro&x00F1;o, La Rioja, Spain; | |
| 关键词: Windows active directory; Kerberos; Kerberos attacks; Kerberos attack detection; Kerberos attack’s mitigation; | |
| DOI : 10.1109/ACCESS.2021.3101446 | |
| 来源: DOAJ | |
【 摘 要 】
Organizations use Active Directory Windows service to authenticate users in a network with the extended Kerberos Authentication protocol. Therefore, it is necessary to investigate its resistance to the different types of attacks it can suffer, the best way to detect them and to parameterize it to mitigate the effects of the attacks. This work analyzes the main Kerberos attacks in Active Directory Windows networks, inherent in the design of the protocol and not resolved. For each attack the objective is studied, implementation is developed in a virtual laboratory and detection is analyzed, proposing measures for mitigation and response. Subsequently, they are discussed in a general way and the results of the attacks are analyzed according to some parameters. As conclusions of the work carried out, it should be noted that although the attacks are mostly difficult to implement, their detection is even more complicated, and the damage is very severe so it’s necessary to continuously monitor the logs in these environments to detect them and taking into account strict recommendations for mitigation and response.
【 授权许可】
Unknown
878987797
028-85220240
