A Comprehensive Detection Approach of Nmap: Principles, Rules and Experiments

Liao, Si Yan; Zhou, Chenming; Zhao, Yue; Zhang, Zhe; Zhang, Chengwei; Gao, Yayu; Zhong, Guangming

doi:10.1109/cyberc49757.2020.00020

Cited by 17 publications

(16 citation statements)

References 10 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…This valuable information might involve exploitation in later stages. In our research work, we consider a Nmap tool for security auditing and network scanning attack 39 . This tool scans the entire network and discovers a variety of information about connected devices, hosts in operating, services running, firewalls, and so on 40 .…”

Section: Methodsmentioning

confidence: 99%

“…In our research work, we consider a Nmap tool for security auditing and network scanning attack. 39 This tool scans the entire network and discovers a variety of information about connected devices, hosts in operating, services running, firewalls, and so on. 40 Therefore, we consider the Nmap tool for different reconnaissance like UDP, TCP SYN, XMAS Tree, FIN scan, and OS Fingerprinting.…”

Section: Machines Type Ip Address Specificationmentioning

confidence: 99%

See 1 more Smart Citation

P‐DNN: Parallel DNN based IDS framework for the detection of IoT vulnerabilities

Sharmila¹,

Nagapadma²

2023

Security and Privacy

View full text Add to dashboard Cite

SummaryThe rapid growth of the Internet of Things (IoT) in our daily life has recently received attention from hackers in releasing novel attacks. This is because the existing traditional Intrusion Detection System (IDS) uses an alert‐based approach that cannot detect new emerging attacks, making it unfeasible for devices with limited resources. The study presents the deployment of a Parallel Deep Neural Network (P‐DNN) IDS framework to improve the detection rate and resource constraint issues. To validate the framework for detecting the latest IoT vulnerabilities, we generated a proprietary dataset created under the IoT environment. The experimental results reveal that the P‐DNN IDS framework proposed in this study outperformed the K‐nearest Neighbour (KNN), Support Vector Machine (SVM), and Naive Bayes algorithms with respect to performance metrics. In addition, a comparative analysis of the P‐DNN framework with Snort and Suricata IDS results demonstrates a significant reduction in CPU consumption, memory utilization, and processing time. The results of this investigation indicate that the deployment of the P‐DNN framework has the capability to detect vulnerabilities in resource‐constraint IoT environments effectively.

show abstract

Section: Methodsmentioning

confidence: 99%

Section: Machines Type Ip Address Specificationmentioning

confidence: 99%

P‐DNN: Parallel DNN based IDS framework for the detection of IoT vulnerabilities

Sharmila¹,

Nagapadma²

2023

Security and Privacy

View full text Add to dashboard Cite

show abstract

“…Nmap is a free tool that lets you create a complete network map, including computers, servers, services provided by each machine, and open ports [16,17].…”

Section: System Administration Strategy For Securitymentioning

confidence: 99%

Database Administration Practical Aspects in Providing Digitalization of Educational Services

Petrov¹,

Kuyumdzhiev²,

Malkawi³

et al. 2022

Int. J. Emerg. Technol. Learn.

View full text Add to dashboard Cite

When delivering digitalization of educational services, a specific administration plan should be established, designed for maximum access, quick recovery from failure, and lowering the length of time it is unavailable, all while guaranteeing good security performance. It should include responsibilities such as providing dedicated servers for digitizing educational services, increasing security by using encryption and security-compliant network protocols, and database administration. To speed up the digitization of educational services, it is recommended that all databases be placed on a single server that will serve as the publisher, and that separate databases be distributed to three different servers that will act as the subscribers.

show abstract

“…In response to the above problems, many network security engineers have launched a variety of network asset scanning and vulnerability detection tools. Among them, Nmap [11,12], Masscan [11], Wappalyzer [13], Whatweb [14], zgrab2 [15,16], and other scanning and detection tools for a specific problem are more typical, and there are more mature integrated scanning and detection tools such as Goby [17] and Vxscan [18]. As a relatively advanced and mature integrated scanning and detection tool in related fields, Goby has a relatively comprehensive scanning and detection function, which can better meet the needs of the above scenarios.…”

Section: Introductionmentioning

confidence: 99%

“…Therefore, it is very necessary to build a network asset management and vulnerability detection system based on distributed clusters. In summary, this paper has absorbed the advantages of integrated scanning and detection tools such as Goby, integrated the functions of existing scanning and detection tools such as Nmap [11,12], Masscan [11], Whatweb [14], zgrab2 [15,16], etc., and proposed a set of network asset management and vulnerability detection system based on the distributed cluster (Dis-NDVW). Specifically, it has the following advantages:…”

Section: Introductionmentioning

confidence: 99%

Dis-NDVW: Distributed Network Asset Detection and Vulnerability Warning Platform

Li¹,

Wang²,

Zhu³

et al. 2023

Computers, Materials &Amp; Continua

View full text Add to dashboard Cite

With the rapid development of Internet technology, the issues of network asset detection and vulnerability warning have become hot topics of concern in the industry. However, most existing detection tools operate in a single-node mode and cannot parallelly process large-scale tasks, which cannot meet the current needs of the industry. To address the above issues, this paper proposes a distributed network asset detection and vulnerability warning platform (Dis-NDVW) based on distributed systems and multiple detection tools. Specifically, this paper proposes a distributed message subscription and publication system based on Zookeeper and Kafka, which endows Dis-NDVW with the ability to parallelly process large-scale tasks. Meanwhile, Dis-NDVW combines the RangeAssignor, RoundRobinAssignor, and StickyAssignor algorithms to achieve load balancing of task nodes in a distributed detection cluster. In terms of a large-scale task processing strategy, this paper proposes a task partitioning method based on First-In-First-Out (FIFO) queue. This method realizes the parallel operation of task producers and task consumers by dividing pending tasks into different queues according to task types. To ensure the data reliability of the task cluster, Dis-NDVW provides a redundant storage strategy for master-slave partition replicas. In terms of distributed storage, Dis-NDVW utilizes a distributed elastic storage service based on ElasticSearch to achieve distributed storage and efficient retrieval of big data. Experimental verification shows that Dis-NDVW can better meet the basic requirements of ultra-large-scale detection tasks.

show abstract

A Comprehensive Detection Approach of Nmap: Principles, Rules and Experiments

Cited by 17 publications

References 10 publications

P‐DNN: Parallel DNN based IDS framework for the detection of IoT vulnerabilities

P‐DNN: Parallel DNN based IDS framework for the detection of IoT vulnerabilities

Database Administration Practical Aspects in Providing Digitalization of Educational Services

Dis-NDVW: Distributed Network Asset Detection and Vulnerability Warning Platform

Contact Info

Product

Resources

About