Scan Prediction and Reconnaissance Mitigation through Commodity Graphics Cards

Christian Doerr, Mourad El Maouchi, Sille Kamoen, Jarno Moree

Research output: Chapter in Book/Conference proceedings/Edited volumeConference contributionScientificpeer-review

2 Citations (Scopus)

Abstract

In order to protect ICT systems against remote attacks and exploitation, insight into which systems are targeted is necessary as soon as possible. Given the lack of advance information, current network-based attack detection and mitigation
techniques, such as virus scanners or intrusion prevention systems, are typically aimed at countering the delivery and exploitation. This paper presents a novel approach capable of detecting threats while they scan a local network for potential targets and even before an intrusion attack has been made. Thisallows the defender to single out scan traffic and selectively deny access to an attacker performing reconnaissance while maintaining the availability to other users.We implement a proofof-concept on commodity graphics cards, and demonstrate fast prediction of scanner behavior on a /16 network telescope.
Original languageEnglish
Title of host publicationIEEE Conference on Communications and Network Security
PublisherIEEE
Pages1-9
Number of pages9
DOIs
Publication statusPublished - 2016
Event IEEE Conference on Communications and Network Security, ICNS 2016 - Philadelpia, United States
Duration: 17 Oct 201619 Oct 2016
http://cns2016.ieee-cns.org/

Conference

Conference IEEE Conference on Communications and Network Security, ICNS 2016
Abbreviated titleIEEE CNS 2016
CountryUnited States
CityPhiladelpia
Period17/10/1619/10/16
Internet address

Fingerprint Dive into the research topics of 'Scan Prediction and Reconnaissance Mitigation through Commodity Graphics Cards'. Together they form a unique fingerprint.

Cite this