-
公开(公告)号:KR1020090080741A
公开(公告)日:2009-07-27
申请号:KR1020080006684
申请日:2008-01-22
Applicant: 성균관대학교산학협력단
CPC classification number: H04L63/14 , G06F21/552
Abstract: A system and a method for controlling an abnormal traffic based on a fuzzy logic are provided to detect a slow port scan attack and perform a countermeasure using traffic control according to detection information by applying a hierarchical fuzzy logic technique. An intrusion detecting module(200) analyzes a packet received from a network interface through a membership function based on a predetermined time cycle and outputs a fuzzy value representing a port scan attack level. A fuzzy control module(300) recognizes the port scan attack level based on the fuzzy value and outputs a control signal for controlling a traffic according to the port scan attack level. An intrusion blocking module(400) controls the traffic with the network interface by receiving the control signal.
Abstract translation: 提供了一种基于模糊逻辑控制异常流量的系统和方法,用于检测慢端扫描攻击,并通过应用分层模糊逻辑技术,根据检测信息执行使用流量控制的对策。 入侵检测模块(200)基于预定时间周期通过隶属函数分析从网络接口接收的分组,并输出表示端口扫描攻击级别的模糊值。 模糊控制模块(300)基于模糊值识别端口扫描攻击级别,并根据端口扫描攻击级别输出用于控制流量的控制信号。 入侵阻塞模块(400)通过接收控制信号来控制网络接口的流量。