DocumentCode
2696038
Title
Simple port knocking method: Against TCP replay attack and port scanning
Author
Ali, Fakariah Hani Mohd ; Yunos, Rozita ; Alias, Mohd Azuan Mohamad
Author_Institution
Fac. of Comput. & Math. Sci., Univ. Teknol. MARA, Shah Alam, Malaysia
fYear
2012
fDate
26-28 June 2012
Firstpage
247
Lastpage
252
Abstract
Port knocking is a first technique introduces to prevent attackers from discovering and exploiting potentially vulnerable service on a network host, while allowing authenticated users to access these services. Despite being potentially useful tool, it suffers various vulnerabilities such as TCP replay, port scanning and etc. This project proposes a new approach over the existing Port Knocking by employing the Source Port sequences that will simplify a technique for port knocking system. Source port is automatically generated by operating system and is pre-assigned to generate a sequence. A technique to control when certain service start and stop was introduced to mitigate problem with TCP replay attack and port scanning. The performance of the proposed method was evaluated by measuring the authentication time to knock the server. As a result, the proposed method worked faster than other methods like basic port knocking and Fwknop + SPA. This has shown that the proposed method was simple and at the same time against the TCP replay attack and port scanning.
Keywords
authorisation; computer network security; transport protocols; TCP replay attack; authenticated users; authentication time measurement; automatic source port generation; network host; operating system; port knocking method; port scanning; sequence generation; service access; service vulnerability; source port sequences; Authentication; Computers; Cryptography; Fires; IP networks; Servers; Port Knocking; Port Scanning; Source port sequences; TCP Replay Attack;
fLanguage
English
Publisher
ieee
Conference_Titel
Cyber Security, Cyber Warfare and Digital Forensic (CyberSec), 2012 International Conference on
Conference_Location
Kuala Lumpur
Print_ISBN
978-1-4673-1425-1
Type
conf
DOI
10.1109/CyberSec.2012.6246118
Filename
6246118
Link To Document