Scan Prediction and Reconnaissance Mitigation through Commodity Graphics Cards

None, None; None, None; None, None; None, None

Scan Prediction and Reconnaissance Mitigation through Commodity Graphics Cards

Conference Paper (2016)

Author(s)

C. Dörr (TU Delft - Cyber Security)

Mourad El Maouchi

Sille Kamoen

Jarno Moree

Research Group

Cyber Security

DOI related publication

https://doi.org/10.1109/CNS.2016.7860496

To reference this document use:

https://resolver.tudelft.nl/uuid:9378a405-e693-4a97-8d02-ae92e72f9880

More Info

expand_more

Publication Year

2016

Language

English

Research Group

Cyber Security

Pages (from-to)

1-9

Abstract

In order to protect ICT systems against remote attacks and exploitation, insight into which systems are targeted is necessary as soon as possible. Given the lack of advance information, current network-based attack detection and mitigation
techniques, such as virus scanners or intrusion prevention systems, are typically aimed at countering the delivery and exploitation. This paper presents a novel approach capable of detecting threats while they scan a local network for potential targets and even before an intrusion attack has been made. Thisallows the defender to single out scan traffic and selectively deny access to an attacker performing reconnaissance while maintaining the availability to other users.We implement a proofof-concept on commodity graphics cards, and demonstrate fast prediction of scanner behavior on a /16 network telescope.

No files available

Metadata only record. There are no files for this record.