Profiling internet scanners: Spatiotemporal structures and measurement ethics

机译：对互联网扫描仪进行概要分析：时空结构和测量伦理

获取原文

获取原文并翻译 | 示例

页面导航

摘要
著录项
相似文献
相关主题

摘要

Scanning is ubiquitous on the Internet. It assists administrators to troubleshoot their own network, researchers to survey the Internet, and malicious actors to assess the attack surface of targeted networks. As users requirements vary, scans in the wild exhibit very diverse characteristics. For example, the coverage, stealthiness and probing speed are drastically varying from one scanning IP to another. In this paper, we study 15 years of backbone traffic to understand the evolution of mass-scanning tool usage, scanning pattern and the concentration of scanning IPs (also called scanners) in small networks. We also propose a new method to classify scanning IPs' spatial and temporal structure into three profiles that reveal vastly different intent. In particular, we find that 33% of scanners repeatedly target the same set of hosts. If unsolicited, identifying this behavior provides good insights on the malicious intent of scanners. In the case of innocuous scanners, publicly documenting scanning activities and giving right to opt out are common ethical practices. Our study shows that documented scanning IPs behave differently from the vast majority of scanners. Furthermore, only 39% of these entities follow online documentation best practices.

机译：扫描在Internet上无处不在。它可以帮助管理员对自己的网络进行故障排除，研究人员对互联网进行调查以及恶意行为者来评估目标网络的攻击面。随着用户需求的变化，野外扫描显示出非常多样化的特征。例如，从一个扫描IP到另一个扫描IP，覆盖范围，隐身性和探测速度都大不相同。在本文中，我们研究了15年的骨干网络流量，以了解小型网络中大规模扫描工具的使用，扫描模式和扫描IP（也称为扫描器）的集中度的演变。我们还提出了一种新方法，将扫描IP的空间和时间结构分为三个显示出不同意图的配置文件。特别是，我们发现33％的扫描仪反复针对同一组主机。如果不请自来，则识别此行为可以很好地了解扫描程序的恶意意图。对于无害的扫描仪，公开记录扫描活动并有权选择退出是常见的道德规范。我们的研究表明，记录的扫描IP的行为与绝大多数扫描仪不同。此外，这些实体中只有39％遵循在线文档最佳实践。

著录项

来源
《Proceedings of the 1st Network Traffic Measurement and Analysis Conference》|2017年|1-9|共9页
会议地点 Dublin(IE)
作者
Johan Mazel; Romain Fontugne; Kensuke Fukuda;
展开▼
作者单位

NII/ANSSI/JFLI;

IIJ Research Lab;

NII/Sokendai;

展开▼
会议组织
原文格式 PDF
正文语种 eng
中图分类
关键词
Ports (Computers); Tools; IP networks; Internet; Market research; Ethics; Probes;

机译：端口（计算机）；工具； IP网络；互联网；市场研究；道德规范；探针;

相似文献

外文文献
中文文献
专利

1. Profiling Internet Scanners: Spatial and Temporal Structures [J] . Johan Mazel, Romain Fontugne, Kensuke Fukuda NII Technical Report . 2016,第2期

机译：对Internet扫描程序进行概要分析：时空结构
2. An ultra-precision scanning tunneling microscope Z-scanner for surface profile measurement of large amplitude micro-structures [J] . Shigeaki Goto, Keiichiro Hosobuchi, Wei Gao Measurement Science & Technology . 2011,第8期

机译：用于大振幅微结构表面轮廓测量的超精密扫描隧道显微镜Z扫描仪
3. Spatiotemporal treadmill gait measurements using a laser range scanner: feasibility study of the healthy young adults [J] . Tanabe S., Ii T., Koyama S., Physiological measurement . 2017,第4期

机译：使用激光范围扫描仪的时空跑步机步态测量：健康年轻人的可行性研究
4. Profiling internet scanners: Spatiotemporal structures and measurement ethics [C] . Johan Mazel, Romain Fontugne, Kensuke Fukuda Network Traffic Measurement and Analysis Conference . 2017

机译：分析互联网扫描仪：时空结构和测量伦理
5. Comparison of the Accuracy of 3D Body Scanner Measurements to Hand Measurements on the Fit of Ladies' Pants [D] . Mica, Mushfika Tasnim 2018

机译：3D人体扫描仪测量与手动测量在女士裤子上的精度的比较
6. Technical Note: Measurement of bow tie profiles in CT scanners using radiochromic film [O] . Bruce R. Whiting, Andreea C. Dohatcu, Joshua D. Evans, -1

机译：技术说明：使用射线变色胶片在CT扫描仪中测量领结轮廓
7. NON-INTRUSIVE MEASUREMENTS OF FREE-WATER-SURFACE PROFILES AND FLUCTUATIONS OF TURBULENT, TWO-PHASE FLOW USING 2-D LASER SCANNER [O] . GAŠPER RAK, MARKO HOCEVAR, FRANCI STEINMAN 2019

机译：使用2-D激光扫描仪的非侵入式测量自由水表面谱和湍流，两相流的波动

Profiling internet scanners: Spatiotemporal structures and measurement ethics

摘要

著录项

相似文献

相关主题

期刊订阅