论文信息 - A slow port scan attack detection mechanism based on fuzzy logic and a stepwise p1olicy

A slow port scan attack detection mechanism based on fuzzy logic and a stepwise p1olicy

The slow port scan attack detection is the one of the important topics in the network security. We suggest an abnormal traffic control framework to detect slow port scan attacks using fuzzy rules. The abnormal traffic control framework acts as an intrusion prevention system to suspicious network traffic. It manages traffic with a stepwise policy: first decreasing network bandwidth and then discarding traffic. In this paper, we show that our abnormal traffic control framework effectively detects slow port scan attacks traffic using fuzzy rules and a stepwise policy.

Jee-Hyong Lee | Jaekwang Kim

[1] Gong Jian,et al. Intrusion detection system based on fuzzy default logic , 2003, The 12th IEEE International Conference on Fuzzy Systems, 2003. FUZZ '03..

[2] Ying-Dar Lin,et al. A survey and measurement-based comparison of bandwidth management techniques , 2003, IEEE Communications Surveys & Tutorials.

[3] Arturo Ribagorda,et al. Fuzzy logic on decision model for IDS , 2003, The 12th IEEE International Conference on Fuzzy Systems, 2003. FUZZ '03..

[4] Young Ik Eom,et al. The Abnormal Traffic Control Framework Based on QoS Mechanisms , 2004, ISCIS.