Open Access iconOpen Access

ARTICLE

crossmark

Framework for Cybersecurity Centers to Mass Scan Networks

Waiel M. Eid1,2, Samer Atawneh1, Mousa Al-Akhras1,3,*

1 College of Computing and Informatics, Saudi Electronic University, Riyadh, 11673, Saudi Arabia
2 National Cybersecurity Authority, Riyadh, Saudi Arabia
3 Computer Information Systems Department, King Abdullah II School for Information Technology, University of Jordan, Amman, 11942, Jordan

* Corresponding Authors: Mousa Al-Akhras. Email: email,email

Intelligent Automation & Soft Computing 2020, 26(6), 1319-1334. https://doi.org/10.32604/iasc.2020.013678

Abstract

The huge number of devices available in cyberspace and the increasing number of security vulnerabilities discovered daily have added many difficulties in keeping track of security vulnerabilities, especially when not using special security tools and software. Mass scanning of the Internet has opened a broad range of possibilities for security tools that help cybersecurity centers detect weaknesses and vulnerabilities in cyberspace. However, one critical issue faced by national cybersecurity centers is the collection of information about IP addresses and subnet ranges. To develop a data collection mechanism for such information and maintain this information with continuous updates, a scanning system is needed. Therefore, this research creates a novel mass scanning framework that collects the information needed for any security investigation of cyberspace as well as preserving the obtained information for any future research analysis by the Saudi National Cybersecurity Center (NCSC), now part of the National Cybersecurity Authority (NCA). In the proposed framework, multiple instances of the scan are distributed across hosts acting as virtual scan engines, and network ranges are split among the hosts to schedule daily or weekly scanning for a wide range of IP addresses among a possible 65,535 ports per IP. In comparison with other benchmarking tools such as Nmap scanner, our proposed framework leads to faster scanning of cyberspace and greatly reduces scanning time to 30% of Nmap’s scanning time.

Keywords


Cite This Article

W. M. Eid, S. Atawneh and M. Al-Akhras, "Framework for cybersecurity centers to mass scan networks," Intelligent Automation & Soft Computing, vol. 26, no.6, pp. 1319–1334, 2020.

Citations




cc This work is licensed under a Creative Commons Attribution 4.0 International License , which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
  • 2190

    View

  • 1439

    Download

  • 1

    Like

Share Link