Articolo in rivista, 2021, ENG, 10.1145/3418293

Cyber Reconnaissance Techniques

Wojciech Mazurczyk and Luca Caviglione

Warsaw University of Technology, National Research Council of Italy

The number of cyber attacks is increasing on a daily basis also due to the availability of many tools to compromise hosts, network appliances and Internet of Things devices in a simple and effective manner. Moreover, Crime-as-a-Service business models are becoming popular, thus making cyber security a global concern for home users, institutions, enterprises and organizations. Despite the type and the scope of attacks, the first stage usually involves a reconnaissance phase, which aims at acquiring as much information as possible on the potential victim, e.g., the used hardware, network addressing schemes or personal bits of data. Unfortunately, attackers can now rely upon a vast range of opportunities, since information useful to craft tools or launch social engineering campaigns can be retrieved from publicly accessible databases, online social networks, ad-hoc search engines, or gathered by using a variety of applications like traffic sniffers, port scanners or phishing mechanisms. In this perspective, this work classifies and reviews the existing reconnaissance techniques and presents how they evolved in time. Also, it showcases the main countermeasures and discusses potential future research directions in this area.

Communications of the ACM (Online) 64 (3), pp. 86–95

Keywords

Cyber Reconnaissance, network security, side-channels, covert channels, network scanning, cyber deception

CNR authors

Caviglione Luca

CNR institutes

IMATI – Istituto di matematica applicata e tecnologie informatiche "Enrico Magenes"

ID: 424380

Year: 2021

Type: Articolo in rivista

Creation: 2020-06-23 14:49:35.000

Last update: 2021-05-18 12:47:54.000

CNR authors

External IDs

CNR OAI-PMH: oai:it.cnr:prodotti:424380

DOI: 10.1145/3418293

ISI Web of Science (WOS): 000624534800021

Scopus: 2-s2.0-85101534591