Deakin home > Deakin University Library > Deakin Research Online > Traceback of DDoS attacks using entropy variations

Traceback of DDoS attacks using entropy variations

Yu, Shui, Zhou, Wanlei, Doss, Robin and Jia, Weijia 2011, Traceback of DDoS attacks using entropy variations, IEEE transactions on parallel and distributed systems, vol. 22, no. 3, pp. 412-425.

Attached Files (Some files may be inaccessible until you login with your Deakin Research Online credentials)
Name Description MIMEType Size Downloads

Title Traceback of DDoS attacks using entropy variations
Author(s) Yu, Shui
Zhou, Wanlei
Doss, Robin
Jia, Weijia
Journal name IEEE transactions on parallel and distributed systems
Volume number 22
Issue number 3
Start page 412
End page 425
Publisher Piscataway, NJ
Place of publication United States
Publication date 2011-03
ISSN 1045-9219
Keyword(s) DDoS
IP traceback
entropy variation
flow
Summary Distributed Denial-of-Service (DDoS) attacks are a critical threat to the Internet. However, the memoryless feature of the Internet routing mechanisms makes it extremely hard to trace back to the source of these attacks. As a result, there is no effective and efficient method to deal with this issue so far. In this paper, we propose a novel traceback method for DDoS attacks that is based on entropy variations between normal and DDoS attack traffic, which is fundamentally different from commonly used packet marking techniques. In comparison to the existing DDoS traceback methods, the proposed strategy possesses a number of advantagesit is memory nonintensive, efficiently scalable, robust against packet pollution, and independent of attack traffic patterns. The results of extensive experimental and simulation studies are presented to demonstrate the effectiveness and efficiency of the proposed method. Our experiments show that accurate traceback is possible within 20 seconds (approximately) in a large-scale attack network with thousands of zombies.
Language eng
Field of Research 080503 Networking and Communications
Socio Economic Objective 970108 Expanding Knowledge in the Information and Computing Sciences
HERDC Research category C1 Refereed article in a scholarly journal
Copyright notice ©2011, IEEE
Persistent URL http://hdl.handle.net/10536/DRO/DU:30033634

Document type: Journal Article
Collection: School of Information Technology
Connect to link resolver
 
Unless expressly stated otherwise, the copyright for items in Deakin Research Online is owned by the author, with all rights reserved.

Versions
Version Filter Type
Citation counts: TR Web of Science Citation Count  Cited 4 times in TR Web of Science
Access Statistics: 420 Abstract Views, 7 File Downloads  -  Detailed Statistics
Created: Wed, 23 Mar 2011, 15:18:31 EST by Sandra Dunoon