Authors: Lukáš Kotlaba; Simona Buchovecká and Róbert Lórencz

Affiliation: Department of Information Security, Faculty of Information Technology, Czech Technical University in Prague, Czech Republic

Keyword(s): MS Active Directory, Kerberos Security, Kerberoasting, Cyber Security, Cyber Attacks.

Abstract: The paper focuses on the detection of the Kerberoasting attack in an Active Directory environment. The purpose of the attack is to extract service accounts’ passwords without the need for any special user access rights or privilege escalation, which makes it suitable for the initial phases of network compromise and for further pivoting to more interesting accounts. The main goal of the paper is to discuss the monitoring possibilities and the setting up of detection rules built on top of native Active Directory auditing capabilities, including possible ways to minimize false positive alerts.

CC BY-NC-ND 4.0

Paper citation in several formats:
Kotlaba, L.; Buchovecká, S. and Lórencz, R. (2020). Active Directory Kerberoasting Attack: Monitoring and Detection Techniques. In Proceedings of the 6th International Conference on Information Systems Security and Privacy - ICISSP; ISBN 978-989-758-399-5; ISSN 2184-4356, SciTePress, pages 432-439. DOI: 10.5220/0008955004320439

@conference{icissp20,
author={Lukáš Kotlaba and Simona Buchovecká and Róbert Lórencz},
title={Active Directory Kerberoasting Attack: Monitoring and Detection Techniques},
booktitle={Proceedings of the 6th International Conference on Information Systems Security and Privacy - ICISSP},
year={2020},
pages={432-439},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0008955004320439},
isbn={978-989-758-399-5},
issn={2184-4356},
}

TY - CONF

JO - Proceedings of the 6th International Conference on Information Systems Security and Privacy - ICISSP
TI - Active Directory Kerberoasting Attack: Monitoring and Detection Techniques
SN - 978-989-758-399-5
IS - 2184-4356
AU - Kotlaba, L.
AU - Buchovecká, S.
AU - Lórencz, R.
PY - 2020
SP - 432
EP - 439
DO - 10.5220/0008955004320439
PB - SciTePress