Cyber Reconnaissance Techniques
Luca Caviglione
2021
Abstract
The number of cyber attacks is increasing on a daily basis, also due to the availability of many tools to compromise hosts, network appliances and Internet of Things devices in a simple and effective manner. Moreover, Crime-as-a-Service business models are becoming popular, thus making cyber security a global concern for home users, institutions, enterprises and organizations. Regardless of the type and the scope of attacks, the first stage usually involves a reconnaissance phase, which aims at acquiring as much information as possible on the potential victim, e.g., the used hardware, network addressing schemes or personal bits of data. Unfortunately, attackers can now rely upon a vast range of opportunities, since information useful to craft tools or launch social engineering campaigns can be retrieved from publicly accessible databases, online social networks, ad-hoc search engines, or gathered by using a variety of applications like traffic sniffers, port scanners or phishing mechanisms. In this perspective, this work classifies and reviews the existing reconnaissance techniques and presents how they evolved over time. Also, it showcases the main countermeasures and discusses potential future research directions in this area.

Documents in IRIS are protected by copyright and all rights are reserved, unless otherwise indicated.