Accessibility of information on the Web
intelligence
Proceedings of the 2001 conference on Applications, technologies, architectures, and protocols for computer communications
Practical automated detection of stealthy portscans
Journal of Computer Security
Computer
How to Own the Internet in Your Spare Time
Proceedings of the 11th USENIX Security Symposium
IEEE Security and Privacy
Estimating loss rates with TCP
ACM SIGMETRICS Performance Evaluation Review
Characteristics of internet background radiation
Proceedings of the 4th ACM SIGCOMM conference on Internet measurement
IPv4 address allocation and the BGP routing table evolution
ACM SIGCOMM Computer Communication Review
Measuring the evolution of transport protocols in the internet
ACM SIGCOMM Computer Communication Review
Routing Worm: A Fast, Selective Attack Worm Based on IP Address Information
Proceedings of the 19th Workshop on Principles of Advanced and Distributed Simulation
Communications of the ACM - ACM at sixty: a look back in time
Mapping internet sensors with probe response attacks
SSYM'05 Proceedings of the 14th conference on USENIX Security Symposium - Volume 14
Vulnerabilities of passive internet threat monitors
SSYM'05 Proceedings of the 14th conference on USENIX Security Symposium - Volume 14
Mapping and visualizing the internet
ATEC '00 Proceedings of the annual conference on USENIX Annual Technical Conference
Understanding passive and active service discovery
Proceedings of the 7th ACM SIGCOMM conference on Internet measurement
Proceedings of the 7th ACM SIGCOMM conference on Internet measurement
Modeling Heterogeneous User Churn and Local Resilience of Unstructured P2P Networks
ICNP '06 Proceedings of the Proceedings of the 2006 IEEE International Conference on Network Protocols
Optimal worm-scanning method using vulnerable-host distributions
International Journal of Security and Networks
Distributed Evasive Scan Techniques and Countermeasures
DIMVA '07 Proceedings of the 4th international conference on Detection of Intrusions and Malware, and Vulnerability Assessment
Census and survey of the visible internet
Proceedings of the 8th ACM SIGCOMM conference on Internet measurement
Highly predictive blacklisting
SS'08 Proceedings of the 17th conference on Security symposium
Automating analysis of large-scale botnet probing events
Proceedings of the 4th International Symposium on Information, Computer, and Communications Security
Enabling high-performance internet-wide measurements on windows
PAM'10 Proceedings of the 11th international conference on Passive and active measurement
New methods for passive estimation of TCP round-trip times
PAM'05 Proceedings of the 6th international conference on Passive and Active Network Measurement
Predicting and tracking internet path changes
Proceedings of the ACM SIGCOMM 2011 conference
Analysis of a "/0" stealth scan from a botnet
Proceedings of the 2012 ACM conference on Internet measurement conference
On measuring the client-side DNS infrastructure
Proceedings of the 2013 conference on Internet measurement conference
ZMap: fast internet-wide scanning and its security applications
SEC'13 Proceedings of the 22nd USENIX conference on Security
Dissecting Bufferbloat: measurement and per-application breakdown of queueing delay
Proceedings of the 2013 workshop on Student workhop
Hi-index | 0.00 |
This paper develops a high-performance, Internet-wide service discovery tool, which we call IRLscanner, whose main design objectives have been to maximize politeness at remote networks, allow scanning rates that achieve coverage of the Internet in minutes/hours (rather than weeks/months), and significantly reduce administrator complaints. Using IRLscanner and 24-hour scans, we perform 21 Internet-wide experiments using 6 different protocols (i.e., DNS, HTTP, SMTP, EPMAP, ICMP and UDP ECHO), demonstrate the usefulness of ACK scans in detecting live hosts behind stateless firewalls, and undertake the first Internet-wide OS fingerprinting. In addition, we analyze the feedback generated (e.g., complaints, IDS alarms) and suggest novel approaches for reducing the amount of blowback during similar studies, which should enable researchers to collect valuable experimental data in the future with significantly fewer hurdles.