Abstract
Network scanning is among the first steps to determine security status of a computer network. Although there are many existing tools for scanning a network, they lack a key component—versatility. In the present day, there are multitudinous attacks that a network may be exposed to. Existing network scanning tools can scan for only those vulnerabilities that the scanner was designed to scan for. They lack the ability to efficiently adapt to newer threats. In this paper, we discuss the ways in which machine learning-based methods can improve accuracy and precision of network scanning. We also describe the approach we have adopted to implement this technique.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsReferences
Gupta, A., Klavinsky, T., Laliberte, S.: Security through penetration testing: internet penetration. InformIT. Pearson PLC. Retrieved 2013-03-31 (2002)
RFC 2828 Internet Security Glossary
Mitchell, T., Buchanan, B., DeJong, G., Dietterich, T., Rosenbloom, P., Waibel, A: Machine Learning. Annu. Rev. Comput. Sci. 4:417–433 (Volume publication date June 1990)
Wang, M.., Cui, Y.., Wang, X.., Xiao, S., Jiang, J.: Machine learning for Networking: Workflow, Advances and Opportinities. IEEE Network https://doi.org/10.1109/mnet20121700200
Boutaba, R., Salahuddin, M.A., Limam, N., Ayoubi, S., Shahriar, N., Estrada-Solano, Felipe, Caicedo, O.M.: A comprehensive survey on machine learning for networking: evolution, applications and research opportunities. J. Internet Serv. Appl. 9, 16 (2018)
Bacudio, A.G., Yuan, X., Chu, B.-T.B., Jones, M.: An overview of penetration testing. Int. J. Netw. Secur. Its Appl. (IJNSA) 3(6) (2011)
Nmap—free security scanner for network explorer. http://nmap.org/. Accessed 23 Nov 2011
MetaSploit.: http://www.metasploit.com/. Accessed 23 Nov 2011
Skoudis, E.: Powerful payloads: the evolution of exploit frameworks (2005) http://searchsecurity.techtarget.com/news/1135581/Powerful-payloads-The-evolution-of-exploit-frameworks. Accessed 23 Nov 2011
Sanfilippo, S.: Hping—active network security tool. http://www.hping.org/, Accessed 23 Nov 2011
Xprobe2.: http://www.net-security.org/software.php?id=231. Accessed 23 Nov 2011
P0f.: http://www.net-security.org/software.php?id=164. Accessed 23 Nov 2011
Httprint.: http://net-square.com/httprint/. Accessed 23 Nov 2011
Nessus.: http://www.tenable.com/products/nessus. Accessed 23 Nov 2011
Shadow Security Scanner.: http://www.safety-lab.com/en/download.htm. Accessed 23 Nov 2011
Iss Scanner.: http://shareme.com/showtop/freeware/iss-scanner.html. Accessed 23 Nov 2011
GFI LAN guard.: http://www.gfi.com/network-security-vulnerability-scanner. Accessed 23 Nov 2011
Brutus.: http://download.cnet.com/Brutus/3000-2344_4-10455770.html. Accessed 23 Nov 2011
Tavallaee, M., Bagheri, E., Lu, W., Ghorban, A.A.: A detailed analysis of the KDD CUP 99 Data Set. In: Proceedings of the 2009 IEEE Symposium on Computational Intelligence in Security and Defence Applications (CISDA 2009)
Bishop, C.M.: Pattern Recognition and Machine Learning. Springer. (2006). ISBN 978-0-387-31073-2
Henry, K.M.: Penetration testing is the simulation of an attack on a system, network, piece of equipment or other facility, with the objective of proving how vulnerable that system or “target” would be to a real attack. Penetration testing: protecting networks and systems. IT Governance Ltd. (2012). ISBN 978-1-849-28371-7
Faircloth, J.: Chapter 1: Tools of the Trade. Penetration Tester’s Open Source Toolkit, 3rd ed. Elsevier. (2011). ISBN 978-1597496278
Nmap license.: Retrieved 2019-01-21
Nmap.org. Nmap Scripting Engine: Introduction. Retrieved 2018-10-28
Lyon, G.F.: Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning. Insecure.com LLC. p. 468. (2009). ISBN 978-0-9799587-1-7
Haines, J., Ryder, D.K., Tinnel, L., Taylor, S.: Validation of sensor alert correlators. IEEE Secur. Priv. 99(1):46–56 (2003). https://doi.org/10.1109/msecp.2003.1176995
Medeiros, J.P.S., Brito Jr., A.M., Pires, P.S.M.: Computational Intelligence in Security for Information Systems. Adv. Intell. Soft Comput. 63, 1–8 (2009). https://doi.org/10.1007/978-3-642-04091-7_1. ISBN 978-3-642-04090-0
Metasploit.: Metasploit. www.exploit-db.com. Retrieved 2017-01-14
Foster, J.C., Liu, V.: Sockets, shellcode, porting and coding: reverse engineering exploits and tool coding for security professionals. Chapter 12: Writing Exploits III. ISBN 1-59749-005-9
Foreman, P.: Vulnerability Management. page 1. Taylor & Francis Group (2010). ISBN 978-1-4398-0150-5
Bishop, M., Bailey, D.: A critical analysis of vulnerability taxonomies. Technical Report CSE-96-11, Department of Computer Science at the University of California at Davis, September 1996
Kakareka, A.: 23. In: Vacca, J. (ed.) Computer and Information Security Handbook, p. 393. Morgan Kaufmann Publications. Elsevier Inc. (2009). ISBN 978-0-12-374354-1
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2020 Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Roy, I., Sonthalia, S., Mandal, T., Kairi, A., Chakraborty, M. (2020). Study on Network Scanning Using Machine Learning-Based Methods. In: Chakraborty, M., Chakrabarti, S., Balas, V. (eds) Proceedings of International Ethical Hacking Conference 2019. eHaCON 2019. Advances in Intelligent Systems and Computing, vol 1065. Springer, Singapore. https://doi.org/10.1007/978-981-15-0361-0_6
Download citation
DOI: https://doi.org/10.1007/978-981-15-0361-0_6
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-15-0360-3
Online ISBN: 978-981-15-0361-0
eBook Packages: EngineeringEngineering (R0)