A slow port scan attack detection mechanism based on fuzzy logic and a stepwise policy

Jaekwang Kim; Jee Hyong Lee

doi:10.1049/cp:20081126

A slow port scan attack detection mechanism based on fuzzy logic and a stepwise policy

Sungkyunkwan University

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

23 Scopus citations

Abstract

The slow port scan attack detection is the one of the important topics in the network security. We suggest an abnormal traffic control framework to detect slow port scan attacks using fuzzy rules. The abnormal traffic control framework acts as an intrusion prevention system to suspicious network traffic. It manages traffic with a stepwise policy: first decreasing network bandwidth and then discarding traffic. In this paper, we show that our abnormal traffic control framework effectively detects slow port scan attacks traffic using fuzzy rules and a stepwise policy.

Original language	English
Title of host publication	4th International Conference on Intelligent Environments (IE 08)
Edition	541 CP
DOIs	https://doi.org/10.1049/cp:20081126
State	Published - 2008
Externally published	Yes
Event	4th International Conference on Intelligent Environments, IE 08 - Seattle, WA, United States Duration: 21 Jul 2008 → 22 Jul 2008

Publication series

Name	IET Conference Publications
Number	541 CP

Conference

Conference	4th International Conference on Intelligent Environments, IE 08
Country/Territory	United States
City	Seattle, WA
Period	21/07/08 → 22/07/08

Keywords

Abnormal traffic control framework
Attack detection
Fuzzy logic
Slow port scan
Stepwise Policy

Access to Document

10.1049/cp:20081126

Cite this

@inproceedings{6b14bf63dccf41fea35979efd25fbb84,

title = "A slow port scan attack detection mechanism based on fuzzy logic and a stepwise policy",

abstract = "The slow port scan attack detection is the one of the important topics in the network security. We suggest an abnormal traffic control framework to detect slow port scan attacks using fuzzy rules. The abnormal traffic control framework acts as an intrusion prevention system to suspicious network traffic. It manages traffic with a stepwise policy: first decreasing network bandwidth and then discarding traffic. In this paper, we show that our abnormal traffic control framework effectively detects slow port scan attacks traffic using fuzzy rules and a stepwise policy.",

keywords = "Abnormal traffic control framework, Attack detection, Fuzzy logic, Slow port scan, Stepwise Policy",

author = "Jaekwang Kim and Lee, \{Jee Hyong\}",

year = "2008",

doi = "10.1049/cp:20081126",

language = "English",

isbn = "9780863418945",

series = "IET Conference Publications",

number = "541 CP",

booktitle = "4th International Conference on Intelligent Environments (IE 08)",

edition = "541 CP",

note = "4th International Conference on Intelligent Environments, IE 08 ; Conference date: 21-07-2008 Through 22-07-2008",

}

Kim, J & Lee, JH 2008, A slow port scan attack detection mechanism based on fuzzy logic and a stepwise policy. in 4th International Conference on Intelligent Environments (IE 08). 541 CP edn, IET Conference Publications, no. 541 CP, 4th International Conference on Intelligent Environments, IE 08, Seattle, WA, United States, 21/07/08. https://doi.org/10.1049/cp:20081126

TY - GEN

T1 - A slow port scan attack detection mechanism based on fuzzy logic and a stepwise policy

AU - Kim, Jaekwang

AU - Lee, Jee Hyong

PY - 2008

Y1 - 2008

N2 - The slow port scan attack detection is the one of the important topics in the network security. We suggest an abnormal traffic control framework to detect slow port scan attacks using fuzzy rules. The abnormal traffic control framework acts as an intrusion prevention system to suspicious network traffic. It manages traffic with a stepwise policy: first decreasing network bandwidth and then discarding traffic. In this paper, we show that our abnormal traffic control framework effectively detects slow port scan attacks traffic using fuzzy rules and a stepwise policy.

AB - The slow port scan attack detection is the one of the important topics in the network security. We suggest an abnormal traffic control framework to detect slow port scan attacks using fuzzy rules. The abnormal traffic control framework acts as an intrusion prevention system to suspicious network traffic. It manages traffic with a stepwise policy: first decreasing network bandwidth and then discarding traffic. In this paper, we show that our abnormal traffic control framework effectively detects slow port scan attacks traffic using fuzzy rules and a stepwise policy.

KW - Abnormal traffic control framework

KW - Attack detection

KW - Fuzzy logic

KW - Slow port scan

KW - Stepwise Policy

UR - https://www.scopus.com/pages/publications/70350179965

U2 - 10.1049/cp:20081126

DO - 10.1049/cp:20081126

M3 - Conference contribution

AN - SCOPUS:70350179965

SN - 9780863418945

T3 - IET Conference Publications

BT - 4th International Conference on Intelligent Environments (IE 08)

T2 - 4th International Conference on Intelligent Environments, IE 08

Y2 - 21 July 2008 through 22 July 2008

ER -

A slow port scan attack detection mechanism based on fuzzy logic and a stepwise policy

Abstract

Publication series

Conference

Keywords

Access to Document

Other files and links

Fingerprint

Cite this