You are not logged in.

Traceback of DDoS attacks using entropy variations

Yu, Shui, Zhou, Wanlei, Doss, Robin and Jia, Weijia 2011, Traceback of DDoS attacks using entropy variations, IEEE transactions on parallel and distributed systems, vol. 22, no. 3, pp. 412-425, doi: 10.1109/TPDS.2010.97.

Attached Files
Name Description MIMEType Size Downloads

Title Traceback of DDoS attacks using entropy variations
Author(s) Yu, ShuiORCID iD for Yu, Shui orcid.org/0000-0003-4485-6743
Zhou, WanleiORCID iD for Zhou, Wanlei orcid.org/0000-0002-1680-2521
Doss, RobinORCID iD for Doss, Robin orcid.org/0000-0001-6143-6850
Jia, Weijia
Journal name IEEE transactions on parallel and distributed systems
Volume number 22
Issue number 3
Start page 412
End page 425
Total pages 14
Publisher Piscataway, NJ
Place of publication United States
Publication date 2011-03
ISSN 1045-9219
1558-2183
Keyword(s) DDoS
IP traceback
entropy variation
flow
Summary Distributed Denial-of-Service (DDoS) attacks are a critical threat to the Internet. However, the memoryless feature of the Internet routing mechanisms makes it extremely hard to trace back to the source of these attacks. As a result, there is no effective and efficient method to deal with this issue so far. In this paper, we propose a novel traceback method for DDoS attacks that is based on entropy variations between normal and DDoS attack traffic, which is fundamentally different from commonly used packet marking techniques. In comparison to the existing DDoS traceback methods, the proposed strategy possesses a number of advantagesit is memory nonintensive, efficiently scalable, robust against packet pollution, and independent of attack traffic patterns. The results of extensive experimental and simulation studies are presented to demonstrate the effectiveness and efficiency of the proposed method. Our experiments show that accurate traceback is possible within 20 seconds (approximately) in a large-scale attack network with thousands of zombies.
Language eng
DOI 10.1109/TPDS.2010.97
Field of Research 080503 Networking and Communications
Socio Economic Objective 970108 Expanding Knowledge in the Information and Computing Sciences
HERDC Research category C1 Refereed article in a scholarly journal
Copyright notice ©2011, IEEE
Persistent URL http://hdl.handle.net/10536/DRO/DU:30033634

Document type: Journal Article
Collection: School of Information Technology
Connect to link resolver
 
Unless expressly stated otherwise, the copyright for items in DRO is owned by the author, with all rights reserved.

Versions
Version Filter Type
Citation counts: TR Web of Science Citation Count  Cited 44 times in TR Web of Science
Scopus Citation Count Cited 43 times in Scopus
Google Scholar Search Google Scholar
Access Statistics: 718 Abstract Views, 9 File Downloads  -  Detailed Statistics
Created: Wed, 23 Mar 2011, 15:18:31 EST by Sandra Dunoon

Every reasonable effort has been made to ensure that permission has been obtained for items included in DRO. If you believe that your rights have been infringed by this repository, please contact drosupport@deakin.edu.au.