Artículo Científico - Alternative Engine to Detect and Block Port Scan Attacks using Virtual Network Environments

Description: Currently, IP networks are constantly harmed by several attack techniques such as port scans, denial of service, brute force attacks, etc., which can collapse the continuity of business services. To address this problem, this paper focuses on an alternative solution for detection, block, and prevention of port scanning attacks. Particularly, this implementation is an alternative engine to automatically block specialized tool scans, namely PSAD (Port Scan Attack Detector), but it is conceptualized differently from the features that the program offers. To carry out this work, we have designed and implemented a virtual network environment that is to be configured as an experimenting platform with port scan attacks. To neutralize such attacks, we performed a security mechanism that takes the data reported by the PSAD and using parameterized variables (block time and level of category) automatic locks become viable, including custom records and notifications via e-mail...