A new approach to building a disguised server using the honey port against general scanning attacks

Hyun Soo Park, Young Bae Jeon, Ji Won Yoon

Research output: Chapter in Book/Report/Conference proceedingChapter

Abstract

The port scan is a well-known technique which malicious people often use before attacking a server. The attackers obtain the fingerprint of the target server by scanning ports and then make an attack scenario. Several approaches including the ‘port knocking’ and ‘Single Packet Authorization’ (SPA) have been developed to defense port scanning attack and allow only authenticated users to access ports. However, the approaches have a disadvantage that the attacker can obtain the information about the ports by applying inference techniques given observed patterns. If a router, connecting the server to the outside, is cracked by the attacker, he or she could infer particular ports which authenticated users consistently use to communicate with the server. In this paper, we propose a new defense method, Honeyport, which can prevent the attackers from obtaining the information about ports and make them demotivated by disguising the server as peripherals. Furthermore, by adopting packet encryption as in IPSec, the attacker cannot obtain the critical information via packet sniffing in our proposed model.

Original languageEnglish
Title of host publicationLecture Notes on Data Engineering and Communications Technologies
PublisherSpringer
Pages453-465
Number of pages13
DOIs
Publication statusPublished - 2017

Publication series

NameLecture Notes on Data Engineering and Communications Technologies
Volume2
ISSN (Print)2367-4512
ISSN (Electronic)2367-4520

Keywords

  • Advance Encryption Standard
  • Destination Port
  • Transmission Control Protocol
  • User Datagram Protocol
  • Victim Server

ASJC Scopus subject areas

  • Media Technology
  • Electrical and Electronic Engineering
  • Computer Science Applications
  • Computer Networks and Communications
  • Information Systems

Fingerprint Dive into the research topics of 'A new approach to building a disguised server using the honey port against general scanning attacks'. Together they form a unique fingerprint.

  • Cite this

    Park, H. S., Jeon, Y. B., & Yoon, J. W. (2017). A new approach to building a disguised server using the honey port against general scanning attacks. In Lecture Notes on Data Engineering and Communications Technologies (pp. 453-465). (Lecture Notes on Data Engineering and Communications Technologies; Vol. 2). Springer. https://doi.org/10.1007/978-3-319-49106-6_44