MONOSEK -一个使用模式分析来分析和检测TCP圣诞节攻击的网络数据包处理系统

2019 International Conference on Intelligent Computing and Control Systems (ICCS) Pub Date : 2019-05-01 DOI:10.1109/ICCS45141.2019.9065325

Reshma Banu, J. T., Amulya M, Anju K N, A. Raju, Shishira N Kashyap

{"title":"MONOSEK -一个使用模式分析来分析和检测TCP圣诞节攻击的网络数据包处理系统","authors":"Reshma Banu, J. T., Amulya M, Anju K N, A. Raju, Shishira N Kashyap","doi":"10.1109/ICCS45141.2019.9065325","DOIUrl":null,"url":null,"abstract":"Identification of an open or closed port is done using several port scanning techniques and one of them is TCP Xmas scan. In the TCP header, URG, PSH and FIN flags are utilized for scanning the port. On the targeted system, receiving ports are identified. Distinct packets are directed to the target system. There are several port scanning tools like Snort and Wireshark. In this paper we highlight the advantages of Nmap. Nmap is a network scanning tool which is used for penetration testing and host detection. Specially designed packets are sent to the target host and the reply is analyzed. MONOSEK is used for analyzing the packets. MONOSEK is a Network Session Analysis and Network Packet Processing system. Xmas attack is detected in order to prevent OS fingerprinting and to scan web services.","PeriodicalId":433980,"journal":{"name":"2019 International Conference on Intelligent Computing and Control Systems (ICCS)","volume":"19 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2019-05-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":"{\"title\":\"MONOSEK – A Network Packet Processing System for Analysis & Detection of TCP Xmas attack using Pattern Analysis\",\"authors\":\"Reshma Banu, J. T., Amulya M, Anju K N, A. Raju, Shishira N Kashyap\",\"doi\":\"10.1109/ICCS45141.2019.9065325\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Identification of an open or closed port is done using several port scanning techniques and one of them is TCP Xmas scan. In the TCP header, URG, PSH and FIN flags are utilized for scanning the port. On the targeted system, receiving ports are identified. Distinct packets are directed to the target system. There are several port scanning tools like Snort and Wireshark. In this paper we highlight the advantages of Nmap. Nmap is a network scanning tool which is used for penetration testing and host detection. Specially designed packets are sent to the target host and the reply is analyzed. MONOSEK is used for analyzing the packets. MONOSEK is a Network Session Analysis and Network Packet Processing system. Xmas attack is detected in order to prevent OS fingerprinting and to scan web services.\",\"PeriodicalId\":433980,\"journal\":{\"name\":\"2019 International Conference on Intelligent Computing and Control Systems (ICCS)\",\"volume\":\"19 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2019-05-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"1\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2019 International Conference on Intelligent Computing and Control Systems (ICCS)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICCS45141.2019.9065325\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2019 International Conference on Intelligent Computing and Control Systems (ICCS)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICCS45141.2019.9065325","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 1

摘要

打开或关闭端口的识别是使用几种端口扫描技术完成的，其中之一是TCP圣诞扫描。在TCP报头中，URG、PSH和FIN标志用于扫描端口。在目标系统上，识别接收端口。不同的数据包被定向到目标系统。有几种端口扫描工具，如Snort和Wireshark。本文着重介绍了Nmap的优点。Nmap是一个网络扫描工具，用于渗透测试和主机检测。将专门设计的数据包发送到目标主机，并分析其应答。MONOSEK用于分析数据包。MONOSEK是一个网络会话分析和网络数据包处理系统。圣诞节攻击检测，以防止操作系统指纹和扫描web服务。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

MONOSEK – A Network Packet Processing System for Analysis & Detection of TCP Xmas attack using Pattern Analysis

Identification of an open or closed port is done using several port scanning techniques and one of them is TCP Xmas scan. In the TCP header, URG, PSH and FIN flags are utilized for scanning the port. On the targeted system, receiving ports are identified. Distinct packets are directed to the target system. There are several port scanning tools like Snort and Wireshark. In this paper we highlight the advantages of Nmap. Nmap is a network scanning tool which is used for penetration testing and host detection. Specially designed packets are sent to the target host and the reply is analyzed. MONOSEK is used for analyzing the packets. MONOSEK is a Network Session Analysis and Network Packet Processing system. Xmas attack is detected in order to prevent OS fingerprinting and to scan web services.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2019 International Conference on Intelligent Computing and Control Systems (ICCS)

自引率

0.00%

发文量