Detection and protection against network scanning: IEDP

Author

Xiaobing, Guo ; Depei, Qian ; Min, Liu ; Ran, Zhang ; Bin, Xu

Author_Institution

Dept. of Comput. Sci. & Eng., Xi´´an Jiaotong Univ., China

fYear

2001

fDate

2001

Firstpage

487

Lastpage

493

Abstract

Network scanning is an increasing threat to network security. This paper classifies and analyzes current scanning methods, and draws a conclusion that the current detection and protection of scanning mainly aim at information concealment. A novel system of the detection and protection named IEDP is presented in this paper Its concept is discussed and its implementation is described in details. Compared with the current approaches, the concept of IEDP can be recapitulated in one word: "impartation". When detecting a scanning, IEDP gives the scanner bogus information to spoof and confuse him/her. So, for example, when scanning ports, the scanner will find that all ports are listening and can\´t tell which port is really open. IEDP also adopts a new mechanism called error steering to spoof the scanner IEDP randomly steers errors in communication with the scanner, let the scanner believe that the communication is unstable and give up scanning. Experiments show that IEDP system is efficient

Keywords

computer networks; security of data; telecommunication security; IEDP system; detection; firewall; network attack; network scanning; network security; protection; Computer science; Computer security; IEEE news; IP networks; Information analysis; Information security; Notice of Violation; Protection; Radio access networks; TCPIP;

fLanguage

English

Publisher

ieee

Conference_Titel

Computer Networks and Mobile Computing, 2001. Proceedings. 2001 International Conference on

Conference_Location

Los Alamitos, CA

Print_ISBN

0-7695-1381-6

Type

conf

DOI

10.1109/ICCNMC.2001.962637

Filename

962637