Add to ORKGThis thesis focuses on the classification of behavioural aspects of scanners based on unroutable traffic collected from two /16 subnets. Firstly the study determines that the use of a smaller dataset achieves similar results and allows for the same correctness compared to larger ones. Secondly different scanning tools are analysed, and methods for their fingerprinting are explained. The implementation of detection methods reveals the usage of particular tools and the the existence of previously unknown software. Analysing these previously unknown tools shows that there is a difference in levels of sophistication of the tools used by scanners. Following, this thesis confirms the existence of the horizontal, vertical and strobe scanner classe...
Due to the growth in prominence of Web, there is a need for proficient system administration. Networ...
Network scans are a common first step in a network intrusion attempt. In order to gain information a...
Scanning activity is a common activity on the Internet today, representing malicious activity such a...
The master thesis focuses on problem of identifying device types on a local network. The work explor...
The internet is rapidly growing, and with it grows the number of malicious actors. For many attacks,...
Malicious agents like self-propagating worms often rely on port and/or address scanning to discover ...
Scans are often used by adversaries to determine the potential weaknesses in a target network or sys...
Abstract—Network Intrusion Detection is, in a modern network, a useful tool to detect a wide variety...
Port scans are typically at the begin of a chain of events that will lead to the attack and exploita...
Traffic classification has received increasing attention in the last years. It aims at offering the ...
Abstract While it is widely known that port scanning is widespread, neither the scanning landscape n...
The Internet, while emerging as the key component for all sorts of communication, is far from well-u...
Today’s Internet contains a large portion of “dynamic ” IP ad-dresses, which are assigned to clients...
International audienceInternet-wide scanners are heavily used for malicious activities. This work mo...
While it is widely known that port scanning is widespread, neither the scanning landscape nor the de...
Due to the growth in prominence of Web, there is a need for proficient system administration. Networ...
Network scans are a common first step in a network intrusion attempt. In order to gain information a...
Scanning activity is a common activity on the Internet today, representing malicious activity such a...
The master thesis focuses on problem of identifying device types on a local network. The work explor...
The internet is rapidly growing, and with it grows the number of malicious actors. For many attacks,...
Malicious agents like self-propagating worms often rely on port and/or address scanning to discover ...
Scans are often used by adversaries to determine the potential weaknesses in a target network or sys...
Abstract—Network Intrusion Detection is, in a modern network, a useful tool to detect a wide variety...
Port scans are typically at the begin of a chain of events that will lead to the attack and exploita...
Traffic classification has received increasing attention in the last years. It aims at offering the ...
Abstract While it is widely known that port scanning is widespread, neither the scanning landscape n...
The Internet, while emerging as the key component for all sorts of communication, is far from well-u...
Today’s Internet contains a large portion of “dynamic ” IP ad-dresses, which are assigned to clients...
International audienceInternet-wide scanners are heavily used for malicious activities. This work mo...
While it is widely known that port scanning is widespread, neither the scanning landscape nor the de...
Due to the growth in prominence of Web, there is a need for proficient system administration. Networ...
Network scans are a common first step in a network intrusion attempt. In order to gain information a...
Scanning activity is a common activity on the Internet today, representing malicious activity such a...