Journal ArticleOPEN ACCESS

Connection failure message-based approach for detecting sequential and random TCP scanning

Indian Journal of Science and Technology (2014) 7(5) 628-636
DOI: 10.17485/ijst/2014/v7i5.8
4Citations
Citations of this article
6Readers
Mendeley users who have this article in their library.

Abstract

Network scanning is considered the first step for attackers to gain access to a targeted network. Attackers will blindly scan the network without any prior knowledge about the active service or host in the target network. Such blind scan will generate a high ratio of connection failure messages that come in the form of Internet Common Message Protocol type3 code1 (host unreachable) and TCP-RST packets. This paper proposes an approach for TCP random and sequential scanning detection on the basis of connection failure messages.

Author supplied keywords

Cite

CITATION STYLE

APA

Anbar, M., Ramadass, S., Manickam, S., & Al-Wardi, A. (2014). Connection failure message-based approach for detecting sequential and random TCP scanning. Indian Journal of Science and Technology, 7(5), 628–636. https://doi.org/10.17485/ijst/2014/v7i5.8

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free