DC Field | Value | Language |
---|---|---|
dc.contributor.advisor | Shin, Seungwon | - |
dc.contributor.advisor | 신승원 | - |
dc.contributor.author | Kim, Jaehan | - |
dc.date.accessioned | 2023-06-26T19:34:13Z | - |
dc.date.available | 2023-06-26T19:34:13Z | - |
dc.date.issued | 2022 | - |
dc.identifier.uri | http://library.kaist.ac.kr/search/detail/view.do?bibCtrlNo=997184&flag=dissertation | en_US |
dc.identifier.uri | http://hdl.handle.net/10203/309939 | - |
dc.description | 학위논문(석사) - 한국과학기술원 : 전기및전자공학부, 2022.2,[iii, 35 p. :] | - |
dc.description.abstract | Leaked credentials can yield severe problems if Internet users reuse their passwords in third-party services. In this circumstance, it is already prevalent that cybercriminals utilize leaked credentials to breach more critical information. To reduce the burdensome threats, several researches have centered around breached credentials, especially password reuse behaviors of users. However, there are still lack of large-scale analysis and diversity in credential sources. To address these limitations, we present a large-scale yet empirical analysis of the security risks in the breached victim websites and the security implications of their credentials using 361 million accounts breached from 22,379 websites. In our findings, we observe that 44% of the victim websites are still vulnerable to information leakage. As for the breached credentials, we figure out that 8.7 million national institute/corporate credentials are more likely to be targeted by cybercriminals. Additionally, we find that 86% of the users reuse the same passwords in multiple websites, which are noticeably higher than what the previous works measured due to the diversity of the victim websites in our dataset. We believe that our findings help researchers and practitioners obtain a deeper understanding of credential data breaches and remind Internet users of their security awareness. | - |
dc.language | eng | - |
dc.publisher | 한국과학기술원 | - |
dc.title | (An) empirical analysis of credential breaches from vulnerable websites | - |
dc.title.alternative | 취약한 웹사이트를 대상으로 하는 자격 증명 침해에 대한 실증적 분석 | - |
dc.type | Thesis(Master) | - |
dc.identifier.CNRN | 325007 | - |
dc.description.department | 한국과학기술원 :전기및전자공학부, | - |
dc.contributor.alternativeauthor | 김재한 | - |
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.