Alternative Engine to Detect and Block Port Scan Attacks using Virtual Network Environments


Walter Fuertes, Patricio Zambrano, Marco Sánchez, Pablo Gamboa


Vol. 11  No. 11  pp. 14-23


IP networks are constantly harmed by attack techniques such as port scans, denial of service, and brute-force attacks, which can disrupt the continuity of business services. To address this problem, this paper focuses on an alternative solution for detecting, blocking, and preventing port scanning attacks. In particular, the implementation is an alternative engine for automatic blocking to that of a specialized tool, namely PSAD (Port Scan Attack Detector), and is conceived differently from the features that program offers. To carry out this work, we designed and implemented a virtual network environment configured as a platform for experimenting with port scan attacks. To neutralize such attacks, we implemented a security mechanism that takes the data reported by PSAD and, using parameterized variables (block time and category level), makes automatic blocking viable, including custom records and notifications via e-mail. To validate our solution, we ran several port scan attack tests on public and private networks. We then compared the performance of our alternative engine with ClearOS (a specialized security tool for Linux) and PSAD. The results show that our alternative engine is faster and more reliable than the tools previously mentioned.


Network attacks, port scan attack, security, virtual network environments