Title: Performance evaluation of cyber reconnaissance tools
Authors: Ha Thanh Le; Peter Loh; Chiew Tong Lau
Addresses: Interdisciplinary Centre for Security, Reliability and Trust, University of Luxembourg, 4, rue Alphonse Weicker, L-2721, Luxembourg ' Singapore Institute of Technology, 10 Dover Drive, 138683, Singapore ' School of Computer Engineering, Nanyang Technological University, Block N4, #02B-58, Nanyang Avenue, 639798, Singapore
Abstract: The stealthy reconnaissance phase is crucial in a cyber-attack. The reconnaissance tools usually limit themselves from balancing between collecting most targets' information possible while hiding itself from being detected by target's defence systems. We assert the role of reconnaissance in web application security attack and evaluate the selected reconnaissance tools in both effectiveness (information gained) and stealth level. We experimentally realised that the reconnaissance tools employing a botnet (or bot, or zombie)-based model has high performance (high level of stealth and little information loss).
Keywords: web application security; cyber attacks; stealthy reconnaissance; botnet model reconnaissance; performance evaluation; cyber reconnaissance; stealth level; information loss; web applications.
DOI: 10.1504/IJIPSI.2016.078589
International Journal of Information Privacy, Security and Integrity, 2016 Vol.2 No.3, pp.177 - 196
Accepted: 19 Nov 2015
Published online: 25 Aug 2016 *