2008 16th IEEE International Conference on Networks 2008
DOI: 10.1109/icon.2008.4772622
|View full text |Cite
|
Sign up to set email alerts
|

Port scan detection

Abstract: Port scanning is a phase in footprinting and scanning; this comes in reconnaissance which is considered as the first stage of a computer attack. Port scanning aims at finding open ports in a system. These open ports are exploited by attackers to carry out attacks and exploits. There are a number of tools to scan for open ports. However, very few tools are present to detect port scanning attempts.The goal of this project is to identify port scan attempts and find out information about the machine from where por… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
1
1
1
1

Citation Types

0
22
0
1

Year Published

2013
2013
2021
2021

Publication Types

Select...
4
3
1

Relationship

0
8

Authors

Journals

citations
Cited by 38 publications
(23 citation statements)
references
References 1 publication
0
22
0
1
Order By: Relevance
“…These attackers often use scanning and enumeration tools [1] to find more topology information and vulnerable services within a network. Moreover, these attackers attempt to deceive Intrusion Detection Systems (IDSs) and visualization tools by performing stealthy scans such as scanning from multiple hosts on a network, spoofing source and destination hosts, and adding noise (e.g., sending repetitive scans from dozens of spoofed IPs) to trigger false positives and generate misleading information [2].…”
Section: Introductionmentioning
confidence: 99%
“…These attackers often use scanning and enumeration tools [1] to find more topology information and vulnerable services within a network. Moreover, these attackers attempt to deceive Intrusion Detection Systems (IDSs) and visualization tools by performing stealthy scans such as scanning from multiple hosts on a network, spoofing source and destination hosts, and adding noise (e.g., sending repetitive scans from dozens of spoofed IPs) to trigger false positives and generate misleading information [2].…”
Section: Introductionmentioning
confidence: 99%
“…(23). Since the parameters Fs and m are directly related to the computational complexity of the algorithm, finding a suitable parameter set with Fs entries as low as possible is of great interest.…”
Section: Ra-aco Input Parameters Optimizationmentioning
confidence: 99%
“…The flash crowd is differentiate from DoS and DDoS because of the malicious agent. Worms, port scan and others usually are programmed to discover vulnerabilities in networks and perform attacks [23].…”
Section: Anomalymentioning
confidence: 99%
“…According to (Parekh and Patel, 2015;Gadge and Patil, 2008;Quick and Choo, 2013), Network Monitor is effective for traffic analysis but is not for network traffic measurement as it did not collect the traffic data of the network. Pandora FSM tools however are not applicable on distributed networks as there is a need to provide central server for the specific network.…”
Section: Comparisons Review Of Internet Traffic Measuerment and Analymentioning
confidence: 99%
“…This information can be captured into standard file format such as TXT. It uses multithreaded approach where a separate scanning thread is created for each scanned IP address, in increasing its scanning speed (Gadge and Patil, 2008).…”
Section: Angry Ip Scannermentioning
confidence: 99%