Improving the Detection of On-Line Vertical Port Scan in IP Traffic

Christine Fricker, Philippe Robert, Yousra Chabchoub
Copyright: © 2014 | Volume: 5 | Issue: 1 | Pages: 14
ISSN: 1947-3036 | EISSN: 1947-3044 | EISBN13: 9781466656840 | DOI: 10.4018/ijsse.2014010104

Fricker, C., Robert, P., & Chabchoub, Y. (2014). Improving the Detection of On-Line Vertical Port Scan in IP Traffic. International Journal of Secure Software Engineering (IJSSE), 5(1), 61-74. http://doi.org/10.4018/ijsse.2014010104

Abstract

In this paper, the authors propose an on-line algorithm based on Bloom filters to detect port scan attacks in IP traffic. Only relevant information about destination IP addresses and destination ports is stored, in two steps, in a two-dimensional Bloom filter. The algorithm can run indefinitely on a real traffic stream thanks to a new adaptive refreshing scheme that closely follows traffic variations. It is a scalable algorithm able to deal with IP traffic at a very high bit rate thanks to the use of hashing functions over a sliding window. Moreover, it does not need any a priori knowledge about traffic characteristics. When tested against real IP traffic, the proposed on-line algorithm performs well in the sense that it detects all the port scan attacks within a very short response time of only 10 seconds without any false positive.
