Title :
On Detecting Port Scanning using Fuzzy Based Intrusion Detection System
Author :
El-Hajj, Wassim ; Aloul, Fadi ; Trabelsi, Zouheir ; Zaki, Nazar
Author_Institution :
Coll. of Inf. Technol., UAE Univ., Al-Ain
Abstract :
Intrusion detection is a mechanism used to detect various attacks on a wired or wireless network. Port scanning is one of the dangerous attacks that intrusion detection tries to detect. Snort, a famous network intrusion detection system (NIDS), detects a port scanning attack by combining and analyzing various traffic parameters. Because these parameters cannot be easily combined using a mathematical formula, fuzzy logic can be used to combine them; fuzzy logic can also reduce the number of false alarms. This paper presents a novel approach, based on fuzzy logic, to detect port scanning attacks. A fuzzy logic controller is designed and integrated with Snort in order to enhance the functionality of port scanning detection. Experiments are carried out in both wired and wireless networks. The results show that applying fuzzy logic adds to the accuracy of determining bad traffic. Moreover, it gives a level of degree for each type of port scanning attack.
Keywords :
fuzzy control; security of data; fuzzy logic controller; network intrusion detection system; port scanning; Communication system traffic control; Computer networks; Educational institutions; Engines; Fuzzy logic; Fuzzy systems; Information technology; Intrusion detection; Pattern recognition; Wireless networks;
Conference_Titel :
Wireless Communications and Mobile Computing Conference, 2008. IWCMC '08. International
Conference_Location :
Crete Island
Print_ISBN :
978-1-4244-2201-2
Electronic_ISBN :
978-1-4244-2202-9
DOI :
10.1109/IWCMC.2008.19
