作者
Akira Tanaka, Chansu Han, Takeshi Takahashi, Katsuki Fujisawa
发表日期
2021/12/6
研讨会论文
2021 Sixth International Conference on Fog and Mobile Edge Computing (FMEC)
页码范围
1-6
出版商
IEEE
简介
Identifying individual scan activities is a crucial and challenging activity for mitigating emerging cyber threats or gaining insights into security scans. Sophisticated adversaries distribute their scans over multiple hosts and operate with stealth; therefore, low-rate scans hide beneath other benign traffic. Although previous studies attempted to discover such stealth scans by observing the distribution of ports and hosts, well-organized scans are difficult to find. However, a scanner can embed a fingerprint into the packet fields to distinguish between the scan and other traffic. In this study, we propose a new algorithm to identify the flexible fingerprint in consideration of the genetic algorithm idea. To the best of our knowledge, this is the first such attempt. We successfully identified previously unknown fingerprints rather than existing ones through numer-ical experiments on darknet traffic. We analyzed the packets and …
学术搜索中的文章
A Tanaka, C Han, T Takahashi, K Fujisawa - 2021 Sixth International Conference on Fog and …, 2021