Research Article

Attack Information Gathering from Network Analysis Data during Scanning Activity

by Stephane J. Tamafo, Elie Fute Tagne, Jaime C. Acosta, Charles Kamhoua, Rawat Danda
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 186 - Number 77
Year of Publication: 2025
DOI: 10.5120/ijca2025924673

Stephane J. Tamafo, Elie Fute Tagne, Jaime C. Acosta, Charles Kamhoua, Rawat Danda. Attack Information Gathering from Network Analysis Data during Scanning Activity. International Journal of Computer Applications. 186, 77 (Apr 2025), 1-10. DOI=10.5120/ijca2025924673

@article{ 10.5120/ijca2025924673,
author = { Stephane J. Tamafo and Elie Fute Tagne and Jaime C. Acosta and Charles Kamhoua and Rawat Danda },
title = { Attack Information Gathering from Network Analysis Data during Scanning Activity },
journal = { International Journal of Computer Applications },
issue_date = { Apr 2025 },
volume = { 186 },
number = { 77 },
month = { Apr },
year = { 2025 },
issn = { 0975-8887 },
pages = { 1-10 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume186/number77/attack-information-gathering-from-network-analysis-data-during-scanning-activity/ },
doi = { 10.5120/ijca2025924673 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%1 2025-04-05T01:33:44+05:30
%A Stephane J. Tamafo
%A Elie Fute Tagne
%A Jaime C. Acosta
%A Charles Kamhoua
%A Rawat Danda
%T Attack Information Gathering from Network Analysis Data during Scanning Activity
%J International Journal of Computer Applications
%@ 0975-8887
%V 186
%N 77
%P 1-10
%D 2025
%I Foundation of Computer Science (FCS), NY, USA
Abstract

The rise of cloud computing, remote work, and IoT has heightened the risk of cyberattacks, exposing sensitive data to advanced threats. Traditional security measures, such as cryptography and intrusion detection systems, often fail against zero-day exploits. This paper proposes a proactive approach to network security by identifying scanning tools and targeted services during the reconnaissance phase of an attack. By analyzing network scanning activities, it becomes possible to detect the tools, techniques, and targeted services used by attackers, enabling preemptive defense. The methodology involves capturing network traffic during scans, extracting key features, and using decision tree-based machine learning models to classify scanning tools, techniques, and services. Experiments conducted with the Weka tool demonstrate high accuracy in identifying scanning techniques (96.8%) and targeted services (98%). This approach provides critical insights into attackers’ intentions, allowing for tailored defensive measures before an attack escalates. The results underscore the effectiveness of machine learning in enhancing network security by preemptively identifying and mitigating potential threats.

Index Terms

Computer Science
Information Sciences

Keywords

Attack intention, cyber deception, decision tree, port scanning, scanning tools