Study on Network Scanning Using Machine Learning-Based Methods

  • Indranil Roy
  • Shekhar Sonthalia
  • Trideep MandalEmail author
  • Animesh Kairi
  • Mohuya Chakraborty
Conference paper
Part of the Advances in Intelligent Systems and Computing book series (AISC, volume 1065)


Network scanning is among the first steps to determine security status of a computer network. Although there are many existing tools for scanning a network, they lack a key component—versatility. In the present day, there are multitudinous attacks that a network may be exposed to. Existing network scanning tools can scan for only those vulnerabilities that the scanner was designed to scan for. They lack the ability to efficiently adapt to newer threats. In this paper, we discuss the ways in which machine learning-based methods can improve accuracy and precision of network scanning. We also describe the approach we have adopted to implement this technique.


Machine learning Network scanning Intrusion detection Vulnerability analysis 


  1. 1.
    Gupta, A., Klavinsky, T., Laliberte, S.: Security through penetration testing: internet penetration. InformIT. Pearson PLC. Retrieved 2013-03-31 (2002)Google Scholar
  2. 2.
    RFC 2828 Internet Security GlossaryGoogle Scholar
  3. 3.
    Mitchell, T., Buchanan, B., DeJong, G., Dietterich, T., Rosenbloom, P., Waibel, A: Machine Learning. Annu. Rev. Comput. Sci. 4:417–433 (Volume publication date June 1990)CrossRefGoogle Scholar
  4. 4.
    Wang, M.., Cui, Y.., Wang, X.., Xiao, S., Jiang, J.: Machine learning for Networking: Workflow, Advances and Opportinities. IEEE Network
  5. 5.
    Boutaba, R., Salahuddin, M.A., Limam, N., Ayoubi, S., Shahriar, N., Estrada-Solano, Felipe, Caicedo, O.M.: A comprehensive survey on machine learning for networking: evolution, applications and research opportunities. J. Internet Serv. Appl. 9, 16 (2018)CrossRefGoogle Scholar
  6. 6.
    Bacudio, A.G., Yuan, X., Chu, B.-T.B., Jones, M.: An overview of penetration testing. Int. J. Netw. Secur. Its Appl. (IJNSA) 3(6) (2011)CrossRefGoogle Scholar
  7. 7.
    Nmap—free security scanner for network explorer. Accessed 23 Nov 2011
  8. 8.
    MetaSploit.: Accessed 23 Nov 2011
  9. 9.
    Skoudis, E.: Powerful payloads: the evolution of exploit frameworks (2005) Accessed 23 Nov 2011
  10. 10.
    Sanfilippo, S.: Hping—active network security tool., Accessed 23 Nov 2011
  11. 11.
    Xprobe2.: Accessed 23 Nov 2011
  12. 12.
  13. 13.
    Httprint.: Accessed 23 Nov 2011Google Scholar
  14. 14.
    Nessus.: Accessed 23 Nov 2011
  15. 15.
    Shadow Security Scanner.: Accessed 23 Nov 2011
  16. 16.
    Iss Scanner.: Accessed 23 Nov 2011
  17. 17.
    GFI LAN guard.: Accessed 23 Nov 2011
  18. 18.
  19. 19.
    Tavallaee, M., Bagheri, E., Lu, W., Ghorban, A.A.: A detailed analysis of the KDD CUP 99 Data Set. In: Proceedings of the 2009 IEEE Symposium on Computational Intelligence in Security and Defence Applications (CISDA 2009)Google Scholar
  20. 20.
    Bishop, C.M.: Pattern Recognition and Machine Learning. Springer. (2006). ISBN 978-0-387-31073-2 Google Scholar
  21. 21.
    Henry, K.M.: Penetration testing is the simulation of an attack on a system, network, piece of equipment or other facility, with the objective of proving how vulnerable that system or “target” would be to a real attack. Penetration testing: protecting networks and systems. IT Governance Ltd. (2012). ISBN 978-1-849-28371-7Google Scholar
  22. 22.
    Faircloth, J.: Chapter 1: Tools of the Trade. Penetration Tester’s Open Source Toolkit, 3rd ed. Elsevier. (2011). ISBN 978-1597496278Google Scholar
  23. 23.
    Nmap license.: Retrieved 2019-01-21Google Scholar
  24. 24. Nmap Scripting Engine: Introduction. Retrieved 2018-10-28Google Scholar
  25. 25.
    Lyon, G.F.: Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning. LLC. p. 468. (2009). ISBN 978-0-9799587-1-7Google Scholar
  26. 26.
    Haines, J., Ryder, D.K., Tinnel, L., Taylor, S.: Validation of sensor alert correlators. IEEE Secur. Priv. 99(1):46–56 (2003). Scholar
  27. 27.
    Medeiros, J.P.S., Brito Jr., A.M., Pires, P.S.M.: Computational Intelligence in Security for Information Systems. Adv. Intell. Soft Comput. 63, 1–8 (2009). ISBN 978-3-642-04090-0Google Scholar
  28. 28.
    Metasploit.: Metasploit. Retrieved 2017-01-14
  29. 29.
    Foster, J.C., Liu, V.: Sockets, shellcode, porting and coding: reverse engineering exploits and tool coding for security professionals. Chapter 12: Writing Exploits III. ISBN 1-59749-005-9Google Scholar
  30. 30.
    Foreman, P.: Vulnerability Management. page 1. Taylor & Francis Group (2010). ISBN 978-1-4398-0150-5Google Scholar
  31. 31.
    Bishop, M., Bailey, D.: A critical analysis of vulnerability taxonomies. Technical Report CSE-96-11, Department of Computer Science at the University of California at Davis, September 1996Google Scholar
  32. 32.
    Kakareka, A.: 23. In: Vacca, J. (ed.) Computer and Information Security Handbook, p. 393. Morgan Kaufmann Publications. Elsevier Inc. (2009). ISBN 978-0-12-374354-1Google Scholar

Copyright information

© Springer Nature Singapore Pte Ltd. 2020

Authors and Affiliations

  • Indranil Roy
    • 1
  • Shekhar Sonthalia
    • 1
  • Trideep Mandal
    • 1
    Email author
  • Animesh Kairi
    • 1
  • Mohuya Chakraborty
    • 1
  1. 1.Department of Information TechnologyInstitute of Engineering and ManagementKolkataIndia

Personalised recommendations