Performance evaluation of network scanning tools with operation of firewall

As the number of devices connected to the Internet has been exponentially increasing, the degree of threats to those devices and networks has been also increasing. Various network scanning tools, which use fingerprinting techniques, have been developed to make the devices and networks secure by providing the information on its status. However, the tools may be used for malicious purposes. Using network scanning tools, attackers can not only obtain the information of devices such as the name of OS, version, and sessions but also find its vulnerabilities which can be used for further cyber-attacks. In this paper, we compare and analyze the performances of widely used network scanning tools such as Nmap and Nessus. The existing researches on the network scanning tools analyzed a specific scanning tools and they assumed there are only small number of network devices. In this paper, we compare and analyze the performances of several tools in practical network environments with the number of devices more than 40. The results of this paper provide the direction to prevent possible attacks when they are utilized as attack tools as well as the practical understanding of the threats by network scanning tools and fingerprinting techniques.

[1]  Ting Wang,et al.  Overview on attack graph generation and visualization technology , 2013, 2013 International Conference on Anti-Counterfeiting, Security and Identification (ASID).

[2]  Jugal K. Kalita,et al.  Network Anomaly Detection: Methods, Systems and Tools , 2014, IEEE Communications Surveys & Tutorials.

[3]  Gatta Sambasiva Rao,et al.  Security assessment of computer networks -an ethical hacker's perspective , 2014, International Conference on Computing and Communication Technologies.

[4]  Jugal K. Kalita,et al.  Network attacks: Taxonomy, tools and systems , 2014, J. Netw. Comput. Appl..

[5]  Andrei V. Gurtov,et al.  Security in Software Defined Networks: A Survey , 2015, IEEE Communications Surveys & Tutorials.

[6]  George Markowsky,et al.  Scanning for vulnerable devices in the Internet of Things , 2015, 2015 IEEE 8th International Conference on Intelligent Data Acquisition and Advanced Computing Systems: Technology and Applications (IDAACS).

[7]  Sithu D. Sudarsan,et al.  An Innovative UDP Port Scanning Technique , 2014 .

[8]  Kim-Kwang Raymond Choo,et al.  Security, Privacy, and Anonymity in Computation, Communication, and Storage , 2017, Lecture Notes in Computer Science.

[9]  Guofei Gu,et al.  Attacking software-defined networks: a first feasibility study , 2013, HotSDN '13.

[10]  Xu Zhang,et al.  Original SYN: Finding machines hidden behind firewalls , 2015, 2015 IEEE Conference on Computer Communications (INFOCOM).

[11]  Sasko Ristov,et al.  Security Vulnerability Assessment of OpenStack Cloud , 2014, 2014 Sixth International Conference on Computational Intelligence, Communication Systems and Networks.

[12]  Craig Smith,et al.  Know Your Enemy : Passive Fingerprinting , 2001 .

[13]  Ian Welch,et al.  Evaluation of Fingerprinting Techniques and a Windows-based Dynamic Honeypot , 2013, AISC.

[14]  Mourad Debbabi,et al.  Cyber Scanning: A Comprehensive Survey , 2014, IEEE Communications Surveys & Tutorials.

[15]  Sakir Sezer,et al.  Sdn Security: A Survey , 2013, 2013 IEEE SDN for Future Networks and Services (SDN4FNS).

[16]  Béla Genge,et al.  ShoVAT: Shodan-based vulnerability assessment tool for Internet-facing services , 2016, Secur. Commun. Networks.