Title :
Simple port knocking method: Against TCP replay attack and port scanning
Author :
Ali, Fakariah Hani Mohd ; Yunos, Rozita ; Alias, Mohd Azuan Mohamad
Author_Institution :
Fac. of Comput. & Math. Sci., Univ. Teknol. MARA, Shah Alam, Malaysia
Abstract :
Port knocking is a technique first introduced to prevent attackers from discovering and exploiting potentially vulnerable services on a network host, while allowing authenticated users to access these services. Despite being a potentially useful tool, it suffers from various vulnerabilities such as TCP replay and port scanning. This project proposes a new approach over existing port knocking that employs source port sequences to simplify the port knocking technique. The source port is automatically generated by the operating system and is pre-assigned to generate a sequence. A technique to control when certain services start and stop was introduced to mitigate the problem of TCP replay attacks and port scanning. The performance of the proposed method was evaluated by measuring the authentication time to knock the server. As a result, the proposed method worked faster than other methods such as basic port knocking and Fwknop + SPA. This shows that the proposed method is simple and at the same time resists TCP replay attacks and port scanning.
Keywords :
authorisation; computer network security; transport protocols; TCP replay attack; authenticated users; authentication time measurement; automatic source port generation; network host; operating system; port knocking method; port scanning; sequence generation; service access; service vulnerability; source port sequences; Authentication; Computers; Cryptography; Fires; IP networks; Servers; Port Knocking; Port Scanning; Source port sequences; TCP Replay Attack;
Conference_Title :
Cyber Security, Cyber Warfare and Digital Forensic (CyberSec), 2012 International Conference on
Conference_Location :
Kuala Lumpur
Print_ISBN :
978-1-4673-1425-1
DOI :
10.1109/CyberSec.2012.6246118