Active and Passive Collection of SSH key material for cyber threat intelligence
Author: | Dulaunoy, Alexandre, Huynen, Jean-Louis, Thirion, Aurelien |
---|---|
Year of publication: | 2022 |
Subject: | |
Document type: | Working Paper |
DOI: | 10.1145/3491262 |
Description: | This paper describes a system for storing historical forensic artefacts collected from SSH connections. This system exposes a REST API in a similar fashion as passive DNS databases, malware hash registries, and SSL notaries with the goal of supporting incident investigations and monitoring of infrastructure. |
Database: | arXiv |
External link: |