Indian Journal of Science and Technology
DOI: 10.17485/ijst/2014/v7i5.8
Year: 2014, Volume: 7, Issue: 5, Pages: 628–636
Original Article
Mohammed Anbar1*, Sureswaran Ramadass1 , Selvakumar Manickam1 and Alhamza Al-Wardi2
1 National Advanced IPv6 Centre (NAv6), Universiti Sains Malaysia; anbar@nav6.org, sures@nav6.or, selva@nav6.org
2 Universiti Malaysia Perlis 02600 UNIMAP, Perlis, Malaysia; esraa@nav6.org
Network scanning is considered the first step for attackers to gain access to a targeted network. Attackers will blindly scan the network without any prior knowledge about the active service or host in the target network. Such blind scan will generate a high ratio of connection failure messages that come in the form of Internet Common Message Protocol type3 code1 (host unreachable) and TCP-RST packets. This paper proposes an approach for TCP random and sequential scanning detection on the basis of connection failure messages.
Keywords: Connection Failure, Network Scanning, TCP Random Scanning, TCP Sequential Scanning
Subscribe now for latest articles and news.