• DocumentCode
    2715944
  • Title

    Detection & study of DDoS attacks via entropy in data network models

  • Author

    Lawniczak, Anna T. ; Di Stefano, Bruno N. ; Wu, Hao

  • Author_Institution
    Dept. Math. & Stat., Univ. of Guelph, Guelph, ON, Canada
  • fYear
    2009
  • fDate
    8-10 July 2009
  • Firstpage
    1
  • Lastpage
    8
  • Abstract
    We detect & study packet traffic anomalies similar to DDoS attacks using information entropy. We perform network-wide monitoring of information entropy of packet traffic at a small number of selected routers. Our method is based on the fact that DDoS attacks change the "natural" order and randomness of packet traffic passing through monitored routers when an attack is taking place in the network. Through this change we detect the start of the attack and study its evolution. We conduct this study for packet-switching networks using static and dynamic routing.
  • Keywords
    entropy; packet switching; telecommunication security; telecommunication traffic; DDoS attack; data network model; denial of service attack; dynamic routing; information entropy; network wide monitoring; packet switching network; packet traffic anomaly; static routing; Computational intelligence; Computer crime; Computer networks; Computer security; Data security; Floods; Information entropy; Internet; Monitoring; Telecommunication traffic;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Computational Intelligence for Security and Defense Applications, 2009. CISDA 2009. IEEE Symposium on
  • Conference_Location
    Ottawa, ON
  • Print_ISBN
    978-1-4244-3763-4
  • Electronic_ISBN
    978-1-4244-3764-1
  • Type

    conf

  • DOI
    10.1109/CISDA.2009.5356521
  • Filename
    5356521