{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,11]],"date-time":"2025-03-11T04:31:46Z","timestamp":1741667506828,"version":"3.38.0"},"reference-count":22,"publisher":"SAGE Publications","issue":"2","license":[{"start":{"date-parts":[[2020,5,1]],"date-time":"2020-05-01T00:00:00Z","timestamp":1588291200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/journals.sagepub.com\/page\/policies\/text-and-data-mining-license"}],"content-domain":{"domain":["journals.sagepub.com"],"crossmark-restriction":true},"short-container-title":["Intelligent Decision Technologies"],"published-print":{"date-parts":[[2020,5]]},"abstract":"<jats:p> Port scanning is a first common discovering step which allows cyber malicious actors to gather valuable information about target hosts namely defense, governmental and banks servers by trying to identify instantly open ports, which correspond to specific services on the cloud, such as HTTP, DNS, and email. This paper aims to introduce a detection and evaluation approach for port scanning attacks in various contexts and levels of criticity based on fuzzy reasoning method. A new fuzzy logic controller, which uses fuzzy rules base and the Mamdani inference method is proposed as Intrusion Detection System as a Service, which dynamically detect and evaluate the criticity of port scanning. This SaaS enables network administrators and cyber security specialists to follow in real time the network traffic behavior, i.e., the Port Scanning Criticity Level (PSCL). A Dynamic dashboard is implemented to quickly and efficiently identify malicious port scanning activities. Experimentations and evaluations showed the efficiency of the proposed system in multilevel port scanning detection compared to Snort and the related IDS systems. <\/jats:p>","DOI":"10.3233\/idt-180050","type":"journal-article","created":{"date-parts":[[2020,5,12]],"date-time":"2020-05-12T16:54:26Z","timestamp":1589302466000},"page":"171-180","update-policy":"https:\/\/doi.org\/10.1177\/sage-journals-update-policy","source":"Crossref","is-referenced-by-count":2,"title":["Fuzzy IDS as a service on the cloud for malicious TCP port scanning traffic detection"],"prefix":"10.1177","volume":"14","author":[{"given":"Firas","family":"Saidi","sequence":"first","affiliation":[{"name":"National School of Computer Sciences, RIADI Laboratory, Campus of La Manouba, Tunisia"}]},{"given":"Zouheir","family":"Trabelsi","sequence":"additional","affiliation":[{"name":"College of Information Technology, UAE University, The United Arab Emirates"}]},{"given":"Henda Ben","family":"Ghazela","sequence":"additional","affiliation":[{"name":"National School of Computer Sciences, RIADI Laboratory, Campus of La Manouba, Tunisia"}]}],"member":"179","published-online":{"date-parts":[[2020,5,1]]},"reference":[{"key":"bibr001-IDT-180050","doi-asserted-by":"publisher","DOI":"10.1109\/SURV.2013.102913.00020"},{"key":"bibr002-IDT-180050","doi-asserted-by":"publisher","DOI":"10.1088\/1361-6501\/aac7fd"},{"key":"bibr003-IDT-180050","doi-asserted-by":"publisher","DOI":"10.1109\/ICTCS.2019.8923028"},{"key":"bibr004-IDT-180050","doi-asserted-by":"publisher","DOI":"10.1016\/0167-4048(93)90029-5"},{"key":"bibr005-IDT-180050","doi-asserted-by":"publisher","DOI":"10.1016\/j.jocs.2017.03.006"},{"key":"bibr006-IDT-180050","doi-asserted-by":"publisher","DOI":"10.1016\/j.jnca.2012.05.003"},{"key":"bibr007-IDT-180050","doi-asserted-by":"publisher","DOI":"10.1016\/j.asoc.2009.06.019"},{"key":"bibr008-IDT-180050","doi-asserted-by":"publisher","DOI":"10.1109\/SURV.2013.052213.00046"},{"key":"bibr009-IDT-180050","doi-asserted-by":"publisher","DOI":"10.14257\/ijfgcn.2016.9.6.32"},{"key":"bibr010-IDT-180050","doi-asserted-by":"publisher","DOI":"10.1109\/FUZZ-IEEE.2017.8015461"},{"key":"bibr011-IDT-180050","doi-asserted-by":"publisher","DOI":"10.1109\/FUZZ-IEEE.2017.8015701"},{"key":"bibr012-IDT-180050","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-40409-2_19"},{"key":"bibr013-IDT-180050","unstructured":"KimJ., and LeeJ.H. (2008). A slow port scan attack detection mechanism based on fuzzy logic and a stepwise policy. In 4th International Conference on Intelligent Environments (IE 08), WA, USA, pp. 25-30."},{"key":"bibr014-IDT-180050","doi-asserted-by":"publisher","DOI":"10.1002\/sec.186"},{"key":"bibr015-IDT-180050","doi-asserted-by":"publisher","DOI":"10.1002\/sec.1508"},{"key":"bibr016-IDT-180050","doi-asserted-by":"publisher","DOI":"10.1016\/S0165-0114(01)00015-X"},{"key":"bibr017-IDT-180050","doi-asserted-by":"publisher","DOI":"10.1016\/S0165-0114(97)00077-8"},{"key":"bibr018-IDT-180050","doi-asserted-by":"publisher","DOI":"10.1109\/FUZZY.2010.5584858"},{"key":"bibr019-IDT-180050","doi-asserted-by":"publisher","DOI":"10.1016\/0020-0255(92)90035-7"},{"key":"bibr020-IDT-180050","doi-asserted-by":"publisher","DOI":"10.1016\/S0888-613X(02)00075-0"},{"key":"bibr021-IDT-180050","unstructured":"www.frameip.com."},{"issue":"1","key":"bibr022-IDT-180050","first-page":"229","volume":"99","author":"Roesch M.","year":"1999","journal-title":"In Lisa"}],"container-title":["Intelligent Decision Technologies"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/journals.sagepub.com\/doi\/pdf\/10.3233\/IDT-180050","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/journals.sagepub.com\/doi\/full-xml\/10.3233\/IDT-180050","content-type":"application\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/journals.sagepub.com\/doi\/pdf\/10.3233\/IDT-180050","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,3,10]],"date-time":"2025-03-10T19:33:45Z","timestamp":1741635225000},"score":1,"resource":{"primary":{"URL":"https:\/\/journals.sagepub.com\/doi\/10.3233\/IDT-180050"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020,5]]},"references-count":22,"journal-issue":{"issue":"2","published-print":{"date-parts":[[2020,5]]}},"alternative-id":["10.3233\/IDT-180050"],"URL":"https:\/\/doi.org\/10.3233\/idt-180050","relation":{},"ISSN":["1872-4981","1875-8843"],"issn-type":[{"type":"print","value":"1872-4981"},{"type":"electronic","value":"1875-8843"}],"subject":[],"published":{"date-parts":[[2020,5]]}}}