IJCNIS Vol. 9, No. 6, 8 Jun. 2017
Cover page and Table of Contents: PDF (size: 523KB)
Full Text (PDF, 523KB), PP.21-29
Views: 0 Downloads: 0
Brute-force, grid computing, distributed computing, botnets
Brute-force attacks are known to be the promising way to break into even most complicated systems by trying every possible permutation of the keys. But since cryptosystems began to use longer and more complex keys, brute-force attacks has lost their usability, because of relatively high complexity of trying every possible permutation with respect to computational power and computation time that was available to crypto breakers. Although computational power is increasing continuously, its increasing rate is less than that of key length and complexity. Having these assumptions in mind, it is infeasible for centralized traditional computing architectures with limited computation power to break into modern cryptosystem by compromising the key with implementing schemes like conventional brute-force. In this paper authors aim for devising a novel brute-force scheme which integrates a modern computing architecture (grid computing) with botnets in order to perform brute-force attacks with lower computation time and lower equipment cost for individual cryptobreakers who have no access to supercomputers. In summary, GCDBF uses a portion of computation power of each of the infected nodes belonging to a botnet in a grid-based environment in order to process a portion of total workload of a brute-force attack which is needed for breaking a specific key. This approach neutralizes the need of acquiring supercomputers for individual hackers while reducing the required time for breaking the key because of using grid computing architecture. For the purpose of evaluation, GCDBF is implemented in different scenarios to prove its performance in comparison to centralized brute-force scheme.
Mohammad Reza. Hasani Ahangar, Mohammad Reza. Esmaeili Taba, Arash.Ghafouri, "On a Novel Grid Computing-Based Distributed Brute-force Attack Scheme (GCDBF) By Exploiting Botnets", International Journal of Computer Network and Information Security(IJCNIS), Vol.9, No.6, pp. 21-29, 2017. DOI:10.5815/ijcnis.2017.06.03
[1]Alfred J. Menezes and Paul C. Van Oorschot and Scott A Vanstone and R. L. Rivest, “Handbook of Applied Cryptography, chapter 5: Identification and Entity Authentication” CRC Press, 1997.
[2]J. Vykopal, “flow-based brute-force attack detection in large and high-speed networks”, PhD thesis, Masaryk Universty, pp13-14, September 2013.
[3]A. Jesudoss and N. Subramaniam, “A survey on authentication attacks and countermeasures in a distributed environment”, IJCSE, vol. 5 no. 2, May 2014.
[4]A. Muhanad, H. Dongjun, “DBFST: Detecting Distributed Brute-force Attack on a Single Target”, International Journal of Scientific & Engineering Research, vol. 6, Issue 3, pp 740-743, March 2015.
[5]N. Hoque, D. K. Bhattacharyya, J. K. Kalita, “Botnet in DDoS Attacks: Trends and Challenges”, Communications survey and tutorials, IEEE, vol. 17, Issue: 4 pp 10-11, July 2015.
[6]I. Ullah, N. Khan, H. A. Aboalsamh, “Survey on Botnet: Its architecture, detection, prevention and mitigation”, 10th International conference on Networking, Sensing and Control (ICNSC), IEEE, pp 660, April 2013.
[7]I. Foster, and C. Kesselman ”The Grid: Blueprint for a New Computing Infrastructure”, Morgan-Kaufmann Publication, 1998.
[8]I. Foster, C. Kesselman, J. M. Nick, and S. Tuecke, “Grid Services for Distributed System Integration”, Computer, IEEE, vol. 35, no. 6, pp. 37-46, August 2002.
[9]J. Cao, S. A. Jarvis, S. Saini, G. R. Nudd, “GridFlow: Workflow Management for Grid Computing”, Proceedings of the 3rd IEEE/ACM International Symposium on Cluster Computing and the Grid (CCGRID03), IEEE/ACM, pp 199-204, May 2003.
[10]SETI@Home, https://setiathome.berkeley.edu, Accessed 3 March 2017.
[11]Distributed.Net, http://www.distributed.net, Accessed 3 March 2017.
[12]C. Ernemann, V. Hamscher, U. chwiegelshohn, R. Yahyapour, “On Advantages of Grid Computing for Parallel Job Scheduling”, Proceedings of the 2nd International Symposium on Cluster Computing and the Grid (CCGRID.02), IEEE/ACM, pp 1-4 , May 2002.
[13]M. Eslahi, R. Salleh, M. Anuar, “MoBots: A New Generation of Botnets on Mobile Devices and Networks”, International Symposium on Computer Applications and Industrial Electronics, IEEE, pp 263-264, December 2012.
[14]L. R. Knudsen, M. Robshaw, “The Block Cipher Companion”, chapter 5: Brute-force attacks, Springer Science & Business Media Publication, 2011.
[15]A. Karim, S. A. Ali Shah, R. Salleh, “Mobile Botnet Attacks: A Thematic Taxonomy”, New Perspectives in Information Systems and Technologies vol. 2, Springer, pp 153-164, 2014.
[16]Z. Lu, W. Wang, C. Wang, “On the Evolution and Impact of Mobile Botnets in Wireless Networks”, Transactions on Mobile Computing, IEEE, vol 15, Issue: 9 pp 2-6, October 2015.
[17]A. Malatras, E. Freyssinet, L. Beslay, “Mobile Botnets Taxonomy and Challenges”, European Intelligence and Security Informatics Conference, IEEE, pp 149-151, September 2015.
[18]W. Chen, Ch. Yin, Sh. Zhou, X. Yan, “Cloud-based Mobile Botnets Using Multiple Push Servers”, Seventh International Symposium on Parallel Architectures, Algorithms and Programming, IEEE, January 2015.
[19]Sh. Zhao, P. L. Lui, X. Guan, X. Ma, J. Tao, “Cloud-Based Push-Styled Mobile Botnets: A Case Study of Exploiting the Cloud to Device Messaging Service”, Proceedings of the 28th Annual Computer Security Applications Conference, ACM, pp 121-122, December 2012.
[20]A. Iosup, D. Epema, “Grid Computing Workloads”, Internet Computing, IEEE, vol. 15, Issue: 2, pp 19-20, April 2011.
[21]Brute-Force Calculator, www.mandylionslab.com, Accessed 8 March 2017.
[22]Brute-forceCalculator, http://calc.opensecurityresearch.com, Accessed 8 March 2017.