Do hacker subgroups share unique practices and knowledge? Is there a spatial characteristic to this sharing? The study investigates whether hackers who perform bmte force attacks (BFAs) from different countries (different IPs) use a spatially based corpus of words for usemames and passwords. The study explores the usage of975,000 usemames (UNs) and passwords (PWs) in bmte force attacks on honeypot (HP) computers. The results suggest that hacker subgroups attacking from different countries use different combinations of UNs and PWs, while a few attacks coming from different IPs share the same corpus of words. This significant result can help in tracing the source of BFAs by identifying and analyzing the terms used in such attacks.
- Brute force attacks (BFAs)
- Knowledge exchange