DDoS Attack Detection Algorithms Based on Entropy Computing

Li, Liying; Zhou, Jianying; Xiao, Ning

doi:10.1007/978-3-540-77048-0_35

Cited by 25 publications

(16 citation statements)

References 3 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…al. [71] propose an entropy based DDoS attack detection method that calculates the distribution pattern of the attributes in network packet headers. Cumulative entropy is calculated to monitor network traffic behavior for a period of time instead of classifying the traffic as abnormal after initially detecting as abnormal in the first phase.…”

Section: A Detection Approaches and Methodsmentioning

confidence: 99%

Botnet in DDoS Attacks: Trends and Challenges

Hoque

Bhattacharyya

Kalita

2015

IEEE Commun. Surv. Tutorials

222

View full text Add to dashboard Cite

Threats of Distributed Denial of Service (DDoS) attacks have been increasing day-by-day due to rapid development of computer networks and associated infrastructure, and millions of software applications, large and small, addressing all varieties of tasks. Botnets pose a major threat to network security as they are widely used for many Internet crimes such as DDoS attacks, identity theft, email spamming and click fraud. Botnet based DDoS attacks are catastrophic to the victim network as they can exhaust both network bandwidth and resources of the victim machine. This paper presents a comprehensive overview of DDoS attacks, their causes, types with a taxonomy and technical details of various attack launching tools. A detailed discussion of several botnet architectures, tools developed using botnet architectures and pros and cons analysis are also included. Furthermore, a list of important issues and research challenges is also reported in the paper. Attacker Victim Web Server E-Mail 1553-877X (c)

show abstract

Section: A Detection Approaches and Methodsmentioning

confidence: 99%

Botnet in DDoS Attacks: Trends and Challenges

Hoque

Bhattacharyya

Kalita

2015

IEEE Commun. Surv. Tutorials

222

View full text Add to dashboard Cite

show abstract

“…In the learning stage, the symmetry proportion is investigated in the system. [7] The edge for a consistent number of times, an assault will be accounted for. There are various confinements to this strategy.…”

Section: Related Workmentioning

confidence: 99%

A Methodology to Alleviation of Security Attack in Software Defined Network

Vijayan*¹,

Mareeswari²,

Prasanna³

et al. 2019

IJRTE

View full text Add to dashboard Cite

Computer Network is a collaboration platform for digital gadgets. Virtualization is abstracting layers from underlying Architecture. Virtualization platform provides flexibility, green resource usage and fast deployment of the carrier. Integration of Computer Network and Virtualization Platform Create Network Virtualization Platform. Software-Defined Network (SDN) Provide dynamic and scalable networking offerings to Business Environments Cloud Network and Data Centers. SDN is controlling network infrastructure with the control plane. Security is a challenging problem for the network. SDN comes with Network Programmability and automation. SDN has an advantage, but it contains a new safety issue. SDN is focused on network safety data plane and control. Security Challenges in SDN is Control Plane, Data Plane Attacks. In Controller Layer Attacker at controller Layer, an routing, visitors filtering denying, or allowing unnecessary site visitors. Control plane assault used to drop or lack of manage over traffic policy and Quality of carrier control. Data Plane Attack Attacker can create DOS Denial of Service.

show abstract

“…The camouflage strategy for the address distribution is the same as that for the individual detection, whereas for the port distribution the attacker could use 0.052V 0 camouflage packets to change the entropy to the desired value as before, and then use the remaining 0.021V 0 packets to improve the port-camouflage further. In a similar way, the camouflage technique can be applied to other scenarios with more complex detection mechanisms such as in [5].…”

Section: Complex Detection Scenariosmentioning

confidence: 99%

“…Implicitly, it is assumed/believed that entropy will change noticeably when 'significant' changes in the traffic pattern occur due to anomalous behaviours, but change little or not at all when small fluctuations about typical behaviour are encountered. In this vein, [3,5] used entropy of source IP address distributions to capture DDoS attacks, and [10] focused on worm detection using distributions from packet headers. The paper [7] considered entropy of distributions based on the number IP addresses that each host communicates with in addition to those from packet headers.…”

Section: Introductionmentioning

confidence: 99%

Learning Entropy

Zhang

Veitch

2011

Networking 2011

View full text Add to dashboard Cite

Abstract. Entropy has been widely used for anomaly detection in various disciplines. One such is in network attack detection, where its role is to detect significant changes in underlying distribution shape due to anomalous behaviour such as attacks. In this paper, we point out that entropy has significant blind spots, which can be made use by adversaries to evade detection. To illustrate the potential pitfalls, we give an in-principle analysis of network attack detection, in which we design a camouflage technique and show analytically that it can perfectly mask attacks from entropy based detector with low costs in terms of the volume of traffic brought in for camouflage. Finally, we illustrate and apply our technique to both synthetic distributions and ones taken from real traffic traces, and show how attacks undermine the detector.

show abstract

DDoS Attack Detection Algorithms Based on Entropy Computing

Cited by 25 publications

References 3 publications

Botnet in DDoS Attacks: Trends and Challenges

Botnet in DDoS Attacks: Trends and Challenges

A Methodology to Alleviation of Security Attack in Software Defined Network

Learning Entropy

Contact Info

Product

Resources

About