Entropy-Based Collaborative Detection of DDOS Attacks on Community Networks

March 17-March 21

DOI Bookmark:

http://doi.ieeecomputersociety.org/10.1109/PERCOM.2008.12

2008 Sixth Annual IEEE International ...

	This Article
	PURCHASE ARTICLE: $19 PDF HTML IEEE Xplore Subscribers
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/Endnote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Shui Yu Articles by Wanlei Zhou

	ASCII Text	x
	Shui Yu, Wanlei Zhou, "Entropy-Based Collaborative Detection of DDOS Attacks on Community Networks," Pervasive Computing and Communications, IEEE International Conference on, pp. 566-571, 2008 Sixth Annual IEEE International Conference on Pervasive Computing and Communications, 2008.

	BibTex	x
	@article{ 10.1109/PERCOM.2008.12, author = {Shui Yu and Wanlei Zhou}, title = {Entropy-Based Collaborative Detection of DDOS Attacks on Community Networks}, journal ={Pervasive Computing and Communications, IEEE International Conference on}, volume = {0}, year = {2008}, isbn = {978-0-7695-3113-7}, pages = {566-571}, doi = {http://doi.ieeecomputersociety.org/10.1109/PERCOM.2008.12}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Pervasive Computing and Communications, IEEE International Conference on TI - Entropy-Based Collaborative Detection of DDOS Attacks on Community Networks SN - 978-0-7695-3113-7 SP566 EP571 A1 - Shui Yu, A1 - Wanlei Zhou, PY - 2008 KW - null VL - 0 JA - Pervasive Computing and Communications, IEEE International Conference on ER -

Shui Yu

Wanlei Zhou

A community network often operates with the same Internet Service Provider domain or the virtual network of different entities who are cooperating with each other. In such a federated network environment, routers can work closely to raise early warning of DDoS attacks to void catastrophic damages. However, the attackers simulate the normal network behaviors, e.g. pumping the attack packages as Poisson distribution, to disable detection algorithms. It is an open question: how to discriminate DDoS attacks from surge legitimate accessing. We noticed that the attackers use the same mathematical functions to control the speed of attack package pumping to the victim. Based on this observation, the different attack flows of a DDoS attack share the same regularities, which is different from the real surging accessing in a short time period. We apply information theory parameter, entropy rate, to discriminate the DDoS attack from the surge legitimate accessing. We proved the effectiveness of our method in theory, and the simulations are the work in the near future. We also point out the future directions that worth to explore in the future.

Citation:

Shui Yu, Wanlei Zhou, "Entropy-Based Collaborative Detection of DDOS Attacks on Community Networks," percom, pp.566-571, 2008 Sixth Annual IEEE International Conference on Pervasive Computing and Communications, 2008

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.