Title :
Framework for creating realistic port scanning benchmarks
Author :
Al-Tamimi, Mustafa ; El-Hajj, Wassim ; Aloul, Fadi
Author_Institution :
Dept. of Comput. Sci., American Univ. of Beirut, Beirut, Lebanon
Abstract :
Port scanning is one of the most popular reconnaissance techniques that many attackers use to profile running services on a potential target before launching an attack. Many port scanning detection mechanisms have been suggested in literature. However, very little work has been done on generating port scanning benchmarks that researchers can use to test their detection methods. In this paper, we suggest a simulation framework using OMNeT++ to generate benchmarks that resemble real-life traffic. We approach the problem by dividing it into three modules (topology creation, good traffic generation, bad traffic generation), each of which we make realistic, similar to deployed and usable networks. Hence the resultant benchmark is annotated and made public.
Keywords :
security of data; OMNeT++; port scanning benchmarks; profile running services; real-life traffic; realistic port scanning benchmarks; reconnaissance techniques; scanning detection mechanisms; topology creation; traffic generation; Benchmark testing; Network topology; Ports (Computers); Protocols; Servers; Topology; Intrusion Detection System; Port Scanning; Port Scanning Benchmarks;
Conference_Titel :
Wireless Communications and Mobile Computing Conference (IWCMC), 2013 9th International
Conference_Location :
Sardinia
Print_ISBN :
978-1-4673-2479-3
DOI :
10.1109/IWCMC.2013.6583713
