• DocumentCode
    2696038
  • Title

    Simple port knocking method: Against TCP replay attack and port scanning

  • Author

    Ali, Fakariah Hani Mohd ; Yunos, Rozita ; Alias, Mohd Azuan Mohamad

  • Author_Institution
    Fac. of Comput. & Math. Sci., Univ. Teknol. MARA, Shah Alam, Malaysia
  • fYear
    2012
  • fDate
    26-28 June 2012
  • Firstpage
    247
  • Lastpage
    252
  • Abstract
    Port knocking is a first technique introduces to prevent attackers from discovering and exploiting potentially vulnerable service on a network host, while allowing authenticated users to access these services. Despite being potentially useful tool, it suffers various vulnerabilities such as TCP replay, port scanning and etc. This project proposes a new approach over the existing Port Knocking by employing the Source Port sequences that will simplify a technique for port knocking system. Source port is automatically generated by operating system and is pre-assigned to generate a sequence. A technique to control when certain service start and stop was introduced to mitigate problem with TCP replay attack and port scanning. The performance of the proposed method was evaluated by measuring the authentication time to knock the server. As a result, the proposed method worked faster than other methods like basic port knocking and Fwknop + SPA. This has shown that the proposed method was simple and at the same time against the TCP replay attack and port scanning.
  • Keywords
    authorisation; computer network security; transport protocols; TCP replay attack; authenticated users; authentication time measurement; automatic source port generation; network host; operating system; port knocking method; port scanning; sequence generation; service access; service vulnerability; source port sequences; Authentication; Computers; Cryptography; Fires; IP networks; Servers; Port Knocking; Port Scanning; Source port sequences; TCP Replay Attack;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Cyber Security, Cyber Warfare and Digital Forensic (CyberSec), 2012 International Conference on
  • Conference_Location
    Kuala Lumpur
  • Print_ISBN
    978-1-4673-1425-1
  • Type

    conf

  • DOI
    10.1109/CyberSec.2012.6246118
  • Filename
    6246118