Litcius/Paper detail

Ten Years of ZMap

Zakir Durumeric, David Adrian, Phillip Stephens, Eric Wustrow, J. Alex Halderman

202417 citationsDOI

Abstract

Since ZMap's debut in 2013, networking and security researchers have used the open-source scanner to write hundreds of research papers that study Internet behavior. In addition, ZMap has been adopted by the security industry to build new classes of enterprise security and compliance products. Over the past decade, much of ZMap's behavior---ranging from its pseudorandom IP generation to its packet construction---has evolved as we have learned more about how to scan the Internet. In this work, we quantify ZMap's adoption over the ten years since its release, describe its modern behavior (and the measurements that motivated changes), and offer lessons from releasing and maintaining ZMap for future tools.

Topics & Concepts

Computer scienceAdvanced Malware Detection TechniquesNetwork Security and Intrusion DetectionSecurity and Verification in Computing