公开(公告)号：KR1020090080741A

公开(公告)日：2009-07-27

申请号：KR1020080006684

申请日：2008-01-22

Applicant: 성균관대학교산학협력단

Inventor： 김재광 ,  이지형 ,  이동훈 ,  정제희 ,  윤태복

IPC: H04L12/26 ,  H04L12/22 ,  H04L12/24 ,  H04L12/56

CPC classification number: H04L63/14 ,  G06F21/552

Abstract: A system and a method for controlling an abnormal traffic based on a fuzzy logic are provided to detect a slow port scan attack and perform a countermeasure using traffic control according to detection information by applying a hierarchical fuzzy logic technique. An intrusion detecting module(200) analyzes a packet received from a network interface through a membership function based on a predetermined time cycle and outputs a fuzzy value representing a port scan attack level. A fuzzy control module(300) recognizes the port scan attack level based on the fuzzy value and outputs a control signal for controlling a traffic according to the port scan attack level. An intrusion blocking module(400) controls the traffic with the network interface by receiving the control signal.

Abstract translation: 提供了一种基于模糊逻辑控制异常流量的系统和方法，用于检测慢端扫描攻击，并通过应用分层模糊逻辑技术，根据检测信息执行使用流量控制的对策。 入侵检测模块（200）基于预定时间周期通过隶属函数分析从网络接口接收的分组，并输出表示端口扫描攻击级别的模糊值。 模糊控制模块（300）基于模糊值识别端口扫描攻击级别，并根据端口扫描攻击级别输出用于控制流量的控制信号。 入侵阻塞模块（400）通过接收控制信号来控制网络接口的流量。