• DocumentCode
    631694
  • Title

    Framework for creating realistic port scanning benchmarks

  • Author

    Al-Tamimi, Mustafa ; El-Hajj, Wassim ; Aloul, Fadi

  • Author_Institution
    Dept. of Comput. Sci., American Univ. of Beirut, Beirut, Lebanon
  • fYear
    2013
  • fDate
    1-5 July 2013
  • Firstpage
    1114
  • Lastpage
    1119
  • Abstract
    Port scanning is one of the most popular reconnaissance techniques that many attackers use to profile running services on a potential target before launching an attack. Many port scanning detection mechanisms have been suggested in literature. However, very little work has been done on generating port scanning benchmarks that researchers can use to test their detection methods. In this paper, we suggest a simulation framework using OMNeT++ to generate benchmarks that resemble real-life traffic. We approach the problem by dividing it into three modules (topology creation, good traffic generation, bad traffic generation), each of which we make realistic, similar to deployed and usable networks. Hence the resultant benchmark is annotated and made public.
  • Keywords
    security of data; OMNeT++; port scanning benchmarks; profile running services; real-life traffic; realistic port scanning benchmarks; reconnaissance techniques; scanning detection mechanisms; topology creation; traffic generation; Benchmark testing; Network topology; Ports (Computers); Protocols; Servers; Topology; Intrusion Detection System; Port Scanning; Port Scanning Benchmarks;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Wireless Communications and Mobile Computing Conference (IWCMC), 2013 9th International
  • Conference_Location
    Sardinia
  • Print_ISBN
    978-1-4673-2479-3
  • Type

    conf

  • DOI
    10.1109/IWCMC.2013.6583713
  • Filename
    6583713