Title :
Entropy methods for DDoS attacks detection in telecommunication systems
Author :
Popovskyy, Vladimir ; Skibin, Vladislav
Author_Institution :
Telecommun. Syst. Dept., Kharkiv Nat. Univ. of Radoielectronics, Kharkiv, Ukraine
Abstract :
The given article is devoted to the protection of telecommunications networks from DDoS-attacks. The goal is the synthesis of DDoS-attacks detection method which is not related to the attacks parameters and parameters of network and transport layers. A universal sign of attack emergence can be appearance of information measure anomaly of both total traffic and its certain characteristics. On the basis of this hypothesis a method for the detection of DDoS-attacks based on entropy of network traffic is developed in the article. It is reasonable to base the solution for information anomaly detection on recursive procedures of estimation of current entropy state. The entropy itself must be formed on the basis of sample in the assigned window. The use of this method is demonstrated on the example of abrupt and smooth emergence of attack.
Keywords :
computer network security; DDoS attacks detection method; entropy methods; information anomaly detection; network layers; network traffic; telecommunication systems; telecommunications networks; transport layers; Computer crime; Entropy; Estimation; Interference; Monitoring; Stability analysis; Telecommunications; DDoS-attack; entropy; network elements; telecommunication system;
Conference_Titel :
Infocommunications Science and Technology, 2014 First International Scientific-Practical Conference Problems of
Conference_Location :
Kharkov
Print_ISBN :
978-1-4799-7342-2
DOI :
10.1109/INFOCOMMST.2014.6992345
