A New Approach for Detecting SMTPFA Based on Entropy Measurement

Chen, Hsing‐Chung; Sun, Jai-Zong; Tseng, Shian‐Shyong; Weng, Chien-Erh

doi:10.1007/978-3-642-35606-3_41

Cited by 3 publications

(7 citation statements)

References 12 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The entropy value is inversely proportional to the probability value. With this feature, the value of results we calculate has dependability [16].…”

Section: Entropy Operationmentioning

confidence: 99%

“…1. In the SMTP architecture [16], it consists of a Sender, a sender-SMTP, a receiver-SMTP and a Receiver. When a Sender (user or file server) will connect to another receiver, it will send a request message of Establishes Connection to the sender-SMTP.…”

Section: Smtpmentioning

confidence: 99%

“…First, SMTP had been defined in the RFC 821 [1,2,16]. It is an independent subsystem in special communication system.…”

Section: Smtpmentioning

confidence: 99%

“…According to the above steps, if the command-respond pair has been completed during one normal time-period, it means that a round of SMTP session has been completed. The established SMTP message flows are divided into seven stages [16] as below: Establishes Connection, HELO, MAIL FROM, RCPT TO, DATA, DATA TRANSFER, and QUIT. The SMTP message flows are shown in Fig.…”

Section: Smtpmentioning

confidence: 99%

“…In the Information Theory, Entropy is an approach used to measure the uncertainty or randomness in random variable [13][14][15][16]. Entropy measurement approach is proposed by Shannon [13] and Weaver [15].…”

Section: Entropy Operationmentioning

confidence: 99%

See 4 more Smart Citations

An Approach for Detecting Flooding Attack Based on Integrated Entropy Measurement in E-Mail Server

Chen

Tseng

Mao

et al. 2013

Lecture Notes in Electrical Engineering

Self Cite

View full text Add to dashboard Cite

The aim of this study is to protect an electronic mail (email) server system based on an integrated Entropy calculation via detecting flooding attacks. Lots of approaches have been proposed by many researchers to detect packets accessing email whether are belonging to the normal or abnormal packets. Entropy is an approach of the mathematical theory of Communication; it can be used to measure the uncertainty or randomness in a random variable. A normal email server usually supports the four protocols consists of Simple Mail Transfer Protocol (SMTP), Post Office Protocol version 3 (POP3), Internet Message Access Protocol version 4 (IMAP4), and HTTPS being used by remote web-based email. However, in Internet, there are many flooding attacks will try to paralyze email server system. Therefore, we propose a new approach for detecting flooding attack based on Integrated Entropy Measurement in email server. Our approach can reduce the misjudge rate compared to conventional approaches.

show abstract

“…The entropy value is inversely proportional to the probability value. With this feature, the value of results we calculate has dependability [16].…”

Section: Entropy Operationmentioning

confidence: 99%

Section: Smtpmentioning

confidence: 99%

“…First, SMTP had been defined in the RFC 821 [1,2,16]. It is an independent subsystem in special communication system.…”

Section: Smtpmentioning

confidence: 99%

Section: Smtpmentioning

confidence: 99%

Section: Entropy Operationmentioning

confidence: 99%

See 3 more Smart Citations

An Approach for Detecting Flooding Attack Based on Integrated Entropy Measurement in E-Mail Server

Chen

Tseng

Mao

et al. 2013

Lecture Notes in Electrical Engineering

Self Cite

View full text Add to dashboard Cite

show abstract

Security Threats in Wireless Network Communication-Status, Challenges, and Future Trends

Kadhim

Sadkhan

2021

2021 International Conference on Advanced Computer Applications (ACA)

View full text Add to dashboard Cite

A SYN flooding attack detection approach with hierarchical policies based on self‐information

2022

View full text Add to dashboard Cite

The SYN flooding attack is widely used in cyber attacks because it paralyzes the network by causing the system and bandwidth resources to be exhausted. This paper proposed a self‐information approach for detecting the SYN flooding attack and provided a detection algorithm with a hierarchical policy on a detection time domain. Compared with other detection methods of entropy measurement, the proposed approach is more efficient in detecting the SYN flooding attack, providing low misjudgment, hierarchical detection policy, and low time complexity. Furthermore, we proposed a detection algorithm with limiting system resources. Thus, the time complexity of our approach is only (log n) with lower time complexity and misjudgment rate than other approaches. Therefore, the approach can detect the denial‐of‐service/distributed denial‐of‐service attacks and prevent SYN flooding attacks.

show abstract

A New Approach for Detecting SMTPFA Based on Entropy Measurement

Cited by 3 publications

References 12 publications

An Approach for Detecting Flooding Attack Based on Integrated Entropy Measurement in E-Mail Server

An Approach for Detecting Flooding Attack Based on Integrated Entropy Measurement in E-Mail Server

Security Threats in Wireless Network Communication-Status, Challenges, and Future Trends

A SYN flooding attack detection approach with hierarchical policies based on self‐information

Contact Info

Product

Resources

About