DocumentCode
631694
Title
Framework for creating realistic port scanning benchmarks
Author
Al-Tamimi, Mustafa ; El-Hajj, Wassim ; Aloul, Fadi
Author_Institution
Dept. of Comput. Sci., American Univ. of Beirut, Beirut, Lebanon
fYear
2013
fDate
1-5 July 2013
Firstpage
1114
Lastpage
1119
Abstract
Port scanning is one of the most popular reconnaissance techniques that many attackers use to profile running services on a potential target before launching an attack. Many port scanning detection mechanisms have been suggested in literature. However, very little work has been done on generating port scanning benchmarks that researchers can use to test their detection methods. In this paper, we suggest a simulation framework using OMNeT++ to generate benchmarks that resemble real-life traffic. We approach the problem by dividing it into three modules (topology creation, good traffic generation, bad traffic generation), each of which we make realistic, similar to deployed and usable networks. Hence the resultant benchmark is annotated and made public.
Keywords
security of data; OMNeT++; port scanning benchmarks; profile running services; real-life traffic; realistic port scanning benchmarks; reconnaissance techniques; scanning detection mechanisms; topology creation; traffic generation; Benchmark testing; Network topology; Ports (Computers); Protocols; Servers; Topology; Intrusion Detection System; Port Scanning; Port Scanning Benchmarks;
fLanguage
English
Publisher
ieee
Conference_Titel
Wireless Communications and Mobile Computing Conference (IWCMC), 2013 9th International
Conference_Location
Sardinia
Print_ISBN
978-1-4673-2479-3
Type
conf
DOI
10.1109/IWCMC.2013.6583713
Filename
6583713
Link To Document