loading
Papers Papers/2022 Papers Papers/2022

Research.Publish.Connect.

Paper

Authors: Ilias Belalis 1 ; Georgios Spathoulas 2 and Ioannis Anagnostopoulos 1

Affiliations: 1 Department of Computer Science and Biomedical Informatics, University of Thessaly, 2-4 Papasiopoulou st., Lamia, 35131, Greece ; 2 Department of Information Security and Communication Technology, Norwegian University of Science and Technology (NTNU), Mail Box 191, Gjøvik, NO-2815, Norway

Keyword(s): Reconnaissance, Port Scanning, Detection, Evasion, Genetic Algorithm, Covert.

Abstract: Network security attacks have seen a significant increase in recent years. A remote attacker needs to understand the topology of the victim network and extract as much information as possible for the hosts of the network. The first step of a network attack is called reconnaissance and aims at gathering such information. In this paper, we analyze the detection of such activity through the use of machine learning classifiers. We identify which are the characteristics of reconnaissance activity that render it detectable and employ a heuristic approach to decide optimal values for such fields that can produce undetectable port scanning traffic. Based on those findings, a covert port scanning tool has been developed and made publicly available. The tool executes the reconnaissance step of an attack in a way that it can evade being detected.

CC BY-NC-ND 4.0

Sign In Guest: Register as new SciTePress user now for free.

Sign In SciTePress user: please login.

PDF ImageMy Papers

You are not signed in, therefore limits apply to your IP address 3.144.84.155

In the current month:
Recent papers: 100 available of 100 total
2+ years older papers: 200 available of 200 total

Paper citation in several formats:
Belalis, I.; Spathoulas, G. and Anagnostopoulos, I. (2023). Evading Detection During Network Reconnaissance. In Proceedings of the 9th International Conference on Information Systems Security and Privacy - ICISSP; ISBN 978-989-758-624-8; ISSN 2184-4356, SciTePress, pages 528-534. DOI: 10.5220/0011685900003405

@conference{icissp23,
author={Ilias Belalis. and Georgios Spathoulas. and Ioannis Anagnostopoulos.},
title={Evading Detection During Network Reconnaissance},
booktitle={Proceedings of the 9th International Conference on Information Systems Security and Privacy - ICISSP},
year={2023},
pages={528-534},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0011685900003405},
isbn={978-989-758-624-8},
issn={2184-4356},
}

TY - CONF

JO - Proceedings of the 9th International Conference on Information Systems Security and Privacy - ICISSP
TI - Evading Detection During Network Reconnaissance
SN - 978-989-758-624-8
IS - 2184-4356
AU - Belalis, I.
AU - Spathoulas, G.
AU - Anagnostopoulos, I.
PY - 2023
SP - 528
EP - 534
DO - 10.5220/0011685900003405
PB - SciTePress

- Science and Technology Publications, Lda.
RESOURCES

Proceedings

Papers

Authors

Ontology

CONTACTS

Science and Technology Publications, Lda
Avenida de S. Francisco Xavier, Lote 7 Cv. C,
2900-616 Setúbal, Portugal.

Phone: +351 265 520 185 (National fixed network call)
Fax: +351 265 520 186
Email: info@scitepress.org

EXTERNAL LINKS

PRIMORIS

INSTICC

SCITEVENTS

CROSSREF

PROCEEDINGS SUBMITTED FOR INDEXATION BY:

dblp

Ei Compendex

SCOPUS

Semantic Scholar

Google Scholar

Microsoft Academic