Framework for creating realistic port scanning benchmarks

Authors: Mustafa Al-Tamimi, Wassim El-Hajj, Fadi Aloul

DOI: 10.1109/IWCMC.2013.6583713

Keywords: Traffic generation model; Distributed computing; Computer science; Computer network; Topology (electrical circuits); Port (computer networking); Benchmark (computing)

Abstract: Port scanning is one of the most popular reconnaissance techniques that many attackers use to profile running services on a potential target before launching an attack. Many port detection mechanisms have been suggested in the literature. However, very little work has been done on generating benchmarks that researchers can use to test their methods. In this paper, we suggest a simulation framework using OMNeT++ to generate benchmarks that resemble real-life traffic. We approach the problem by dividing it into three modules (topology creation, good traffic generation, bad traffic generation), each of which aims to make the benchmark realistic, similar to deployed and usable networks. Hence, the resultant benchmark is annotated and made public.
