Publication result detail

Kerberos Golden Ticket Attack

POCAROVSKY, S.; KOPPL, M.; ORGOŇ, M.; BOHAČÍK, A.

Original Title

Kerberos Golden Ticket Attack

English Title

Kerberos Golden Ticket Attack

Type

Paper in proceedings (conference paper)

Original Abstract

One of the main trends in IT today is the security of user accounts and the correct procedure for authenticating them in systems. As the population moves into the digital age, every user must also have a digital identity. In order to use a particular service, the user must first authenticate against the system and based on this authentication, the user will be assigned rights to the service. Back in 2014, it was estimated that the average user of web services had approximately 25 web accounts, nowadays it is estimated that there are approximately 80 web accounts per user, where some form of identity authentication must be implemented for each of these services. In large enterprise computer networks, services are used to centrally manage users using, for example, a windows server role – Active Directory Domain Services, which uses the Kerberos authentication protocol.

English abstract

One of the main trends in IT today is the security of user accounts and the correct procedure for authenticating them in systems. As the population moves into the digital age, every user must also have a digital identity. In order to use a particular service, the user must first authenticate against the system and based on this authentication, the user will be assigned rights to the service. Back in 2014, it was estimated that the average user of web services had approximately 25 web accounts, nowadays it is estimated that there are approximately 80 web accounts per user, where some form of identity authentication must be implemented for each of these services. In large enterprise computer networks, services are used to centrally manage users using, for example, a windows server role – Active Directory Domain Services, which uses the Kerberos authentication protocol.

Keywords

Active directory; Golden ticket; Kerberos; krbtgt account

Key words in English

Active directory; Golden ticket; Kerberos; krbtgt account

Authors

POCAROVSKY, S.; KOPPL, M.; ORGOŇ, M.; BOHAČÍK, A.

RIV year

2024

Released

04.01.2023

Publisher

Springer International Publishing

ISBN

978-3-031-21438-7

Book

Data Science and Algorithms in Systems

Edition

597

Pages from

677

Pages to

688

Pages count

12

URL

https://link.springer.com/chapter/10.1007/978-3-031-21438-7_56

BibTex

@inproceedings{BUT180586,
  author="Stefan {Pocarovsky} and Martin {Koppl} and Miloš {Orgoň} and Antonín {Bohačík}",
  title="Kerberos Golden Ticket Attack",
  booktitle="Data Science and Algorithms in Systems",
  year="2023",
  series="597",
  pages="677--688",
  publisher="Springer International Publishing",
  doi="10.1007/978-3-031-21438-7\{_}56",
  isbn="978-3-031-21438-7",
  url="https://link.springer.com/chapter/10.1007/978-3-031-21438-7_56"
}

Documents

Kerberos_Golden_Ticket_Attack__CoMeSySo_2022___Final_deadline__August_20__2022_