Connection Failure Message-based Approach for Detecting Sequential and Random Tcp Scanning

Mohammed Anbar; Sureswaran Ramadass; Selvakumar Manickam; Alhamza Al-Wardi

doi:10.17485/ijst/2014/v7i5/54104

Connection Failure Message-based Approach for Detecting Sequential and Random Tcp Scanning

Mohammed Anbar ¹, Sureswaran Ramadass ¹, Selvakumar Manickam ¹, Alhamza Al-Wardi ²

Affiliations
1 National Advanced IPv6 Centre (NAv6), Universiti Sains, Malaysia
2 Universiti Malaysia Perlis 02600 UNIMAP, Perlis, Malaysia

Abstract
References
Article Metrics
Refbacks

Network scanning is considered the first step for attackers to gain access to a targeted network. Attackers will blindly scan the network without any prior knowledge about the active service or host in the target network. Such blind scan will generate a high ratio of connection failure messages that come in the form of Internet Common Message Protocol type3 code1 (host unreachable) and TCP-RST packets. This paper proposes an approach for TCP random and sequential scanning detection on the basis of connection failure messages.

Keywords

Connection Failure, Network Scanning, TCP Random Scanning, TCP Sequential Scanning

About the Journal

Editorial Board

Current Issue

Archives

Advanced Search

Article Submission

Registration

Subscription

User

Information

Journal Content
Browse

Donations

Abstract Views: 200

PDF Views: 0

Username
Password
Remember me

Username
Password
Remember me

Indian Journal of Science and Technology

Connection Failure Message-based Approach for Detecting Sequential and Random Tcp Scanning

Keywords

Connection Failure Message-based Approach for Detecting Sequential and Random Tcp Scanning

Authors

Abstract

Keywords