Characteristics of Port Scan Traffic: A Case Study Using Nmap

Characteristics of Port Scan Traffic: A Case Study Using Nmap

Network ports, essential for communication, become susceptible to port scanning techniques employed by cybersecurity professionals, network administrators, and malicious hackers. The study digs into the specific characteristics of Nmap-generated port scan traffic, examining patterns, behaviors, and...

Full description

Saved in:
Bibliographic Details
Main Authors: Zaid Al-Khazaali, Ammar Al-Ghabban, Haneen Al-Musawi, Anwar Sabah, Noor Al Mahdi
Format: Article
Language:Arabic
Published: Mustansiriyah University/College of Engineering 2025-01-01
Series:Journal of Engineering and Sustainable Development
Subjects:
Cybersecurity
Intrusion detection
Nmap
Portscan
Reconnaissance
Wireshark
Online Access:https://jeasd.uomustansiriyah.edu.iq/index.php/jeasd/article/view/2638
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Network ports, essential for communication, become susceptible to port scanning techniques employed by cybersecurity professionals, network administrators, and malicious hackers. The study digs into the specific characteristics of Nmap-generated port scan traffic, examining patterns, behaviors, and data relations throughout the packets. Also, researchers investigate the relationships between various port scan features and approaches to provide insightful information for developing more effective intrusion detection systems. The tool Nmap, which is widely employed for reconnaissance attacks in current network security, is the subject of this paper, and the Metasploit tool is also used to illustrate specific behavior and how it differs from the Nmap tool. The paper's contribution is summarized by introducing features like source ports, destination port distribution, statistics, and time-related attributes, which can be used as distinguishable features to detect the scan traffic. The term "Indicator of Scan" (IoS), as used by the authors, refers to a broad category that includes any useful indicators for scan detection. IoS can also be useful in determining which specific scanning tool is utilized in addition to scan detection.
ISSN:2520-0917
2520-0925

Similar Items