Deakin home > Deakin University Library > Deakin Research Online > Entropy-based collaborative detection of DDOS attacks on community networks
Openly accessible

Entropy-based collaborative detection of DDOS attacks on community networks

Yu, Shui and Zhou, Wanlei 2008, Entropy-based collaborative detection of DDOS attacks on community networks, in Proceedings of the 6th Annual IEEE International Conference on Pervasive Computing and Communications, IEEE, Piscataway, N.J., pp. 566-571.

Attached Files (Some files may be inaccessible until you login with your Deakin Research Online credentials)
Name Description MIMEType Size Downloads
zhou-entropybased-2008.pdf Published version application/pdf 161.21KB 538

Title Entropy-based collaborative detection of DDOS attacks on community networks
Author(s) Yu, Shui
Zhou, Wanlei
Conference name IEEE International Conference on Pervasive Computing and Communications (6th : 2008 : Hong Kong)
Conference location Hong Kong
Conference dates 17-21 March 2008
Title of proceedings Proceedings of the 6th Annual IEEE International Conference on Pervasive Computing and Communications
Editor(s) [Unknown]
Publication date 2008
Conference series International Conference on Pervasive Computing and Communications
Start page 566
End page 571
Publisher IEEE
Place of publication Piscataway, N.J.
Summary A community network often operates with the same Internet service provider domain or the virtual network of different entities who are cooperating with each other. In such a federated network environment, routers can work closely to raise early warning of DDoS attacks to void catastrophic damages. However, the attackers simulate the normal network behaviors, e.g. pumping the attack packages as poisson distribution, to disable detection algorithms. It is an open question: how to discriminate DDoS attacks from surge legitimate accessing. We noticed that the attackers use the same mathematical functions to control the speed of attack package pumping to the victim. Based on this observation, the different attack flows of a DDoS attack share the same regularities, which is different from the real surging accessing in a short time period. We apply information theory parameter, entropy rate, to discriminate the DDoS attack from the surge legitimate accessing. We proved the effectiveness of our method in theory, and the simulations are the work in the near future. We also point out the future directions that worth to explore in the future.
ISBN 076953113X
Language eng
Field of Research 080108 Neural, Evolutionary and Fuzzy Computation
HERDC Research category E1 Full written paper - refereed
Copyright notice ©2008, IEEE
Persistent URL http://hdl.handle.net/10536/DRO/DU:30018160

Document type: Conference Paper
Collections: School of Engineering and Information Technology
Open Access Collection
Connect to link resolver
 
Unless expressly stated otherwise, the copyright for items in Deakin Research Online is owned by the author, with all rights reserved.

Every reasonable effort has been made to ensure that permission has been obtained for items included in DRO. If you believe that your rights have been infringed by this repository, please contact drosupport@deakin.edu.au.

Versions
Version Filter Type
Citation counts: TR Web of Science Citation Count  Cited 1 times in TR Web of Science
Scopus Citation Count Cited 1 times in Scopus
Access Statistics: 369 Abstract Views, 538 File Downloads  -  Detailed Statistics
Created: Fri, 14 Aug 2009, 14:05:29 EST