Low-rate DDOS Attack Detection using Optimal Objective Entropy Method
نویسندگان
چکیده
A Distributed Denial of Service (DDOS) attack is a type of Internet attack that disrupts the normal function of the targeted computer network (server). This kind of attacks attempts to make target host resource unavailable to its legal users. Several efforts had made in detection and computation of the DDOS attacks over network, where IDS (Intrusion detection systems) are unable to isolate the normal flow of traffic from attacks. So this paper is an introduction of the optimal objective entropy (OOE) based method to detect low-rate DDOS attacks. Minimization of objective function in entropy based method show considerable improvement over the traditional entropy based schemes.
منابع مشابه
F-STONE: A Fast Real-Time DDOS Attack Detection Method Using an Improved Historical Memory Management
Distributed Denial of Service (DDoS) is a common attack in recent years that can deplete the bandwidth of victim nodes by flooding packets. Based on the type and quantity of traffic used for the attack and the exploited vulnerability of the target, DDoS attacks are grouped into three categories as Volumetric attacks, Protocol attacks and Application attacks. The volumetric attack, which the pro...
متن کاملNeural Network Based Protection of Software Defined Network Controller against Distributed Denial of Service Attacks
Software Defined Network (SDN) is a new architecture for network management and its main concept is centralizing network management in the network control level that has an overview of the network and determines the forwarding rules for switches and routers (the data level). Although this centralized control is the main advantage of SDN, it is also a single point of failure. If this main contro...
متن کاملFFSc: a novel measure for low-rate and high-rate DDoS attack detection using multivariate data analysis
A Distributed Denial of Service (DDoS) attack is a major security threat for networks and Internet services. Attackers can generate attack traffic similar to normal network traffic using sophisticated attacking tools. In such a situation, many intrusion detection systems fail to identify DDoS attack in real time. However, DDoS attack traffic behaves differently from legitimate network traffic i...
متن کاملE-LDAT: a lightweight system for DDoS flooding attack detection and IP traceback using extended entropy metric
Distributed denial-of-service (DDoS) attacks cause havoc by exploiting threats to Internet services. In this paper, we propose E-LDAT, a lightweight extended-entropy metric-based system for both DDoS flooding attack detection and IP (Internet Protocol) traceback. It aims to identify DDoS attacks effectively by measuring the metric difference between legitimate traffic and attack traffic. IP tra...
متن کاملAn empirical evaluation of information metrics for low-rate and high-rate DDoS attack detection
Distributed Denial of Service (DDoS) attacks represent a major threat to uninterrupted and efficient Internet service. In this paper, we empirically evaluate several major information metrics, namely, Hartley entropy, Shannon entropy, Renyi’s entropy, generalized entropy, Kullback–Leibler divergence and generalized information distance measure in their ability to detect both low-rate and high-r...
متن کامل