ISSN 0021-3454 (print version)
ISSN 2500-0381 (online version)
Menu

9
Issue
vol 63 / September, 2020
Article

DOI 10.17586/0021-3454-2018-61-10-881-886

UDC 004.056.53

PROTECTION AGAINST ATTACKS ON PRIVILEGED USER ACCOUNT

A. Y. Shcheglov
ITMO University, Saint Petersburg, 197101, Russian Federation; OOO «Scientific Production Enterprise «Information technologies in business»; Professor; General Director


T. S. Osadchaya
ITMO University; Department of Computer Science Engineering;


Read the full article 

Abstract. The tasks of preventing the possibility of theft of credentials of privileged users and reducing the consequences of such theft in the domain network are considered. The problems associated with this task are studied. Ways to get the password hash of a privileged account by an attacker are analyzed, the risk of such theft when using a domain network is assessed. A solution is proposed that consists in building a layered (multi-level) protection, each subsequent level of which is built on the assumption that the attacker has overcome the previous protection level. An approach is proposed which consists in strengthening password protection and preventing the possibility of administration (remote and local) if an attacker has a privileged account data. The proposed approach is stated to provide a complete solution to the problem.  
Keywords: privileged users, echelon (multi-level) protection, identity theft, domain network, administrative shares

References:
  1. https://threatpost.ru/88-percent-of-networks-susceptible-to-privileged-account-hacks/13219/. (in Russ.)
  2. https://xakep.ru/2011/03/31/55263/. (in Russ.)
  3. https://www.securitylab.ru/analytics/362448.php. (in Russ.)
  4. Podlesnyy M. Windows IT Pro/RE, 2002, no. 8. (in Russ.)
  5. http://npp-itb.ru/images/docs/alldocs/slides.pdf. (in Russ.)