Surveying Port Scans and Their Detection Methodologies
نویسندگان
چکیده
Scanning of ports on a computer occurs frequently on the Internet. An attacker performs port scans of IP addresses to find vulnerable hosts to compromise. However, it is also useful for system administrators and other network defenders to detect port scans as possible preliminaries to more serious attacks. It is a very difficult task to recognize instances of malicious port scanning. In general, a port scan may be an instance of a scan by attackers or an instance of a scan by network defenders. In this survey, we present research and development trends in this area. Our presentation includes a discussion of common port scan attacks. We provide a comparison of port scan methods based on type, mode of detection, mechanism used for detection, and other characteristics. This survey also reports on the available datasets and evaluation criteria for port scan detection approaches.
منابع مشابه
Monitoring coastline changes in Amirabad Port by surveying coastline and sea level
The process of erosion and desertification affects social communities, agricultural lands and natural resources in coastal areas. The rapid coastline changes would cause social and economic issues in the coastal areas. In this study, Miankaleh coasts and the eastern coastlines of Amirabad port have been surveyed due to existing benchmarks since June 2013 until December 2015 in order to analyze ...
متن کاملNetwork Forensics: Detection and Analysis of Stealth Port Scanning Attack
Network administrator performs port scanning for the purpose of network monitoring and troubleshooting on the other hand this facility become vulnerability when attacker performs port scanning for probing networks, searching for vulnerabilities and then infiltrate IT assets. It is often a primarily tactic that is adopted by attacker prior to launching a targeted cyber-attack. Moreover in recent...
متن کاملAOCD: An Adaptive Outlier Based Coordinated Scan Detection Approach
Coordinated attacks are distributed in nature because they attempt to compromise a target machine from multiple sources. It is important for network defenders and administrators to detect these scans as possible preliminaries to more serious attacks. However, it is very difficult to detect malicious scans based on port specific behavior alone. In this paper, we present an Adaptive Outlier based...
متن کاملInformation Fusion for Anomaly Detection with the Dendritic Cell Algoritm
Dendritic cells are antigen presenting cells that provide a vital link between the innate and adaptive immune system, providing the initial detection of pathogenic invaders. Research into this family of cells has revealed that they perform information fusion which directs immune responses. We have derived a Dendritic Cell Algorithm based on the functionality of these cells, by modelling the bio...
متن کاملInformation Fusion for Anomaly Detection with the Dendritic Cell Algorithm
Dendritic cells are antigen presenting cells that provide a vital link between the innate and adaptive immune system, providing the initial detection of pathogenic invaders. Research into this family of cells has revealed that they perform information fusion which directs immune responses. We have derived a Dendritic Cell Algorithm based on the functionality of these cells, by modelling the bio...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- Comput. J.
دوره 54 شماره
صفحات -
تاریخ انتشار 2011