Research on the Speed and Accuracy of Full Port Scanning

Abstract

As the most basic means of network attack, port scanning is the most commonly used attack tool in penetration testing. Full-port scanning of the system can identify potential threats to the system in advance, however, existing full-port scanning methods need to scan the full amount of ports, which is relatively time-consuming. In this paper, we propose a sampling-based full-port scanning method that can minimize the scanning cost while maintaining the scanning accuracy. We use three port scanning tools to perform port scanning in a controlled environment to validate our method, and quantitatively analyze the scanning accuracy and scanning speed of different scanners in different scenarios. Besides, by analyzing the experimental results, we give a set of solutions for the use of scanners in different environments.