A Machine Learning Approach for Reconnaissance Detection to Enhance Network Security

Author

Rachel Bakaletz, East Tennessee State UniversityFollow

Degree Name

MS (Master of Science)

Program

Computer and Information Sciences

Date of Award

5-2022

Committee Chair or Co-Chairs

Ghaith Husari

Committee Members

Mohammad Khan, Brian Bennett

Abstract

Before cyber-crime can happen, attackers must research the targeted organization to collect vital information about the target and pave the way for the subsequent attack phases. This cyber-attack phase is called reconnaissance or enumeration. This malicious phase allows attackers to discover information about a target to be leveraged and used in an exploit. Information such as the version of the operating system and installed applications, open ports can be detected using various tools during the reconnaissance phase. By knowing such information cyber attackers can exploit vulnerabilities that are often unique to a specific version.

In this work, we develop an end-to-end system that uses machine learning techniques to detect reconnaissance attacks on cyber networks. Successful detection of such attacks provides the target the time to devise plans on how to evade or mitigate the cyber-attack phases that supervene the reconnaissance phase.

Document Type

Thesis - unrestricted

Recommended Citation

Bakaletz, Rachel, "A Machine Learning Approach for Reconnaissance Detection to Enhance Network Security" (2022). Electronic Theses and Dissertations. Paper 4032. https://dc.etsu.edu/etd/4032

Copyright

Copyright by the authors.