2014
DOI: 10.1016/j.diin.2014.05.012
|View full text |Cite
|
Sign up to set email alerts
|

Multidimensional investigation of source port 0 probing

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
3
2

Citation Types

0
8
0

Year Published

2017
2017
2022
2022

Publication Types

Select...
5
1

Relationship

0
6

Authors

Journals

citations
Cited by 27 publications
(8 citation statements)
references
References 5 publications
0
8
0
Order By: Relevance
“…While reserved [52] but never assigned and treated as request for a system-allocated port by socket APIs, port 0 should not be observed in Internet traffic. Prior work [11,12,21,35,37,39] observed low volumes of port 0 Internet traffic. Its origin can be multifold, e.g., as target port for DDoS attacks [37] or scanning [11] and system fingerprinting [37].…”
Section: Introductionmentioning
confidence: 99%
See 1 more Smart Citation
“…While reserved [52] but never assigned and treated as request for a system-allocated port by socket APIs, port 0 should not be observed in Internet traffic. Prior work [11,12,21,35,37,39] observed low volumes of port 0 Internet traffic. Its origin can be multifold, e.g., as target port for DDoS attacks [37] or scanning [11] and system fingerprinting [37].…”
Section: Introductionmentioning
confidence: 99%
“…Prior work [11,12,21,35,37,39] observed low volumes of port 0 Internet traffic. Its origin can be multifold, e.g., as target port for DDoS attacks [37] or scanning [11] and system fingerprinting [37]. We also observe traffic carrying port 0, yet with a very different reason: IP fragmentation.…”
Section: Introductionmentioning
confidence: 99%
“…Even though there is traffic on port 0 in the Internet, there is little research on its root causes. Motivated by port 0 traffic spikes observed in November 2013 at the Internet Storm Center and reports from security researchers at Cisco Systems, Bou-Harb et al [9] study port 0 traffic on 30 GB of darknet data. They filter out any misconfigured traffic and packets with non-conforming TCP flags common in backscatter traffic [43].…”
Section: Related Workmentioning
confidence: 99%
“…In contrast to the related work [9,29,30], which all focus their efforts on the analysis of a single passive data source, in this paper we analyze four complementing passive datasets in addition to conducting an active measurement campaign to better understand port 0 traffic in the wild.…”
Section: Related Workmentioning
confidence: 99%
See 1 more Smart Citation