Title :
Detection and protection against network scanning: IEDP
Author :
Xiaobing, Guo ; Depei, Qian ; Min, Liu ; Ran, Zhang ; Bin, Xu
Author_Institution :
Dept. of Comput. Sci. & Eng., Xi´´an Jiaotong Univ., China
Abstract :
Network scanning is an increasing threat to network security. This paper classifies and analyzes current scanning methods, and draws a conclusion that the current detection and protection of scanning mainly aim at information concealment. A novel system of the detection and protection named IEDP is presented in this paper Its concept is discussed and its implementation is described in details. Compared with the current approaches, the concept of IEDP can be recapitulated in one word: "impartation". When detecting a scanning, IEDP gives the scanner bogus information to spoof and confuse him/her. So, for example, when scanning ports, the scanner will find that all ports are listening and can\´t tell which port is really open. IEDP also adopts a new mechanism called error steering to spoof the scanner IEDP randomly steers errors in communication with the scanner, let the scanner believe that the communication is unstable and give up scanning. Experiments show that IEDP system is efficient
Keywords :
computer networks; security of data; telecommunication security; IEDP system; detection; firewall; network attack; network scanning; network security; protection; Computer science; Computer security; IEEE news; IP networks; Information analysis; Information security; Notice of Violation; Protection; Radio access networks; TCPIP;
Conference_Titel :
Computer Networks and Mobile Computing, 2001. Proceedings. 2001 International Conference on
Conference_Location :
Los Alamitos, CA
Print_ISBN :
0-7695-1381-6
DOI :
10.1109/ICCNMC.2001.962637
