DDoS Attack Detection Using Flow Entropy and Packet Sampling on Huge Networks
Authors
Abstract
While the increasing number of services available through computer networks is a source of great convenience for users, it raises several concerns, including the threat of hacking and the invasion of user privacy. Hackers can easily block network services by flooding traffic to servers or by breaking through network security, hence causing significant economic loss. It is well known that a Distributed Denial of Service (DDoS) attack, which robs the targeted server of valuable computational resources, is hard to defend against. In order to address and nullify the threat to computer networks from DDoS attacks, an effective detection method is required. Hence, huge networks need an intrusion detection system for real-time detection. In this paper, we propose a flow entropy- and packet sampling-based detection mechanism against DDoS attacks in order to guarantee normal network traffic and prevent DDoS attacks. Our approach is proved to be efficient via OPNET simulation results.
Keywords: packet sampling; flow entropy; DDoS detection; network security
Similar resources
Traceback of Ddos Attacks Using Entropy Variations
Distributed Denial-of-Service (DDoS) attacks are a critical threat to the Internet which deny normal service and degrade quality of service. However, network security mechanisms do not have effective and efficient methods to trace back the source of these attacks. In this paper, I propose a novel traceback method for DDoS attacks that is based on entropy variations between normal and DDoS...
Neural Network Based Protection of Software Defined Network Controller against Distributed Denial of Service Attacks
Software Defined Network (SDN) is a new architecture for network management and its main concept is centralizing network management in the network control level that has an overview of the network and determines the forwarding rules for switches and routers (the data level). Although this centralized control is the main advantage of SDN, it is also a single point of failure. If this main contro...
E-LDAT: a lightweight system for DDoS flooding attack detection and IP traceback using extended entropy metric
Distributed denial-of-service (DDoS) attacks cause havoc by exploiting threats to Internet services. In this paper, we propose E-LDAT, a lightweight extended-entropy metric-based system for both DDoS flooding attack detection and IP (Internet Protocol) traceback. It aims to identify DDoS attacks effectively by measuring the metric difference between legitimate traffic and attack traffic. IP tra...
FFSc: a novel measure for low-rate and high-rate DDoS attack detection using multivariate data analysis
A Distributed Denial of Service (DDoS) attack is a major security threat for networks and Internet services. Attackers can generate attack traffic similar to normal network traffic using sophisticated attacking tools. In such a situation, many intrusion detection systems fail to identify DDoS attacks in real time. However, DDoS attack traffic behaves differently from legitimate network traffic i...
A Review Of Detection of DDOS Attack Using Entropy Based Approach
Websites act as the best platforms for attacks like DDoS attacks, worm propagation, and many other attacks which are related to the application layer. Detecting an application layer DDoS attack is a cumbersome task. It basically originates from the lower layers, i.e. the network layer and transport layer, whereas these new application layer based DDoS attacks utilize genuine HTTP requests to make victim re...