Port scanner attackers are typically used to identify weak points or vulnerabilities in an organization's network. When attackers send a detective message to a port number, the response tells them whether the port is open and assists them in identifying potential vulnerabilities. However, machinelearning approaches are the most effective techniques for detecting and identifying port scanner attacks. This attack is regarded as one of the most dangerous internet threats. This research aims to strengthen the detection accuracy and reduce the detection time. Tagged network traffic data sets are used to train the classification machine learning techniques. On the other hand, network traffic analysis is used by unsupervised method to detect attacks. This study modifies the decision table and OneR classification algorithms as a supervised technique for portscan detection. The proposed algorithm uses the CICIDS2017 dataset for both training and testing. The proposed hybrid feature selection methods use and apply multiple training and testing through a sequence of experiments, the proposed method is capable of detecting the portscan attack with 99.8% accuracy, which is competitive in addition to the proposed combination's fast response.

CICIDS2017; Data mining; Decision table; Feature selection; Machine learning; Network security; OneR