• DocumentCode
    2301658
  • Title

    Experience Using Active and Passive Mapping for Network Situational Awareness

  • Author

    Webster, Seth ; Lippmann, Richard ; Zissman, Marc

  • Author_Institution
    Lincoln Lab., MIT, Lexington, MA
  • fYear
    2006
  • fDate
    24-26 July 2006
  • Firstpage
    19
  • Lastpage
    26
  • Abstract
    Passive network mapping has often been proposed as an approach to maintain up-to-date information on networks between active scans. This paper presents a comparison of active and passive mapping on an operational network. On this network, active and passive tools found largely disjoint sets of services and the passive system took weeks to discover the last 15% of active services. Active and passive mapping tools provided different, not complimentary information. Deploying passive mapping on an enterprise network does not reduce the need for timely active scans due to non-overlapping coverage and potentially long discovery times
  • Keywords
    computer networks; security of data; telecommunication security; active network mapping; network situational awareness; passive network mapping; Computer crashes; Information security; Laboratories; Open source software; Operating systems; Passive networks; Peer to peer computing; Probes; Protection; Telecommunication traffic;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Network Computing and Applications, 2006. NCA 2006. Fifth IEEE International Symposium on
  • Conference_Location
    Cambridge, MA
  • Print_ISBN
    0-7695-2640-3
  • Type

    conf

  • DOI
    10.1109/NCA.2006.23
  • Filename
    1659471
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=2301658