Editorial Notes
The authors have requested minor, non-substantive changes to the VoR and, in accordance with ACM policies, a Corrected VoR was published on May 27, 2021. For reference purposes the VoR may still be accessed via the Supplemental Material section on this page.
Abstract
The evolution of and countermeasures for …
Supplemental Material
Available for Download
Version of Record for "Cyber reconnaissance techniques" by Mazurczyk et al., Communications of the ACM, Volume 64, Issue 3 (CACM 64:3).
Index Terms
- Cyber reconnaissance techniques