Detecting DoS attacks using packet size distribution

Author

Du, Ping ; Abe, Shunji

Author_Institution

Nat. Inst. of Inf., Tokyo

fYear

2007

fDate

10-12 Dec. 2007

Firstpage

Lastpage

Abstract

Enabling early detection of Denial of service (DoS) attacks in network traffic is an important and challenging task because DoS attacks have become one of the most serious threats to the Internet. In this paper, we develop an IP packet size entropy (IPSE)-based DoS detection scheme in which the entropy is markedly changed when traffic is affected by an attack. Through our analysis, we find that the IPSE-based scheme is capable of detecting not only long-term attacks but also short-term attacks that are beyond the volume-based schemespsila ability to detect.

Keywords

IP networks; Internet; entropy; security of data; telecommunication traffic; DoS attacks detection; IP packet size entropy; IPSE; Internet; denial of service; network security; Computer crime; Computer vision; Entropy; Floods; IP networks; Informatics; Permission; Proposals; Telecommunication traffic; Web and internet services; Attack detection; Denial of service attack; Network security;

fLanguage

English

Publisher

ieee

Conference_Titel

Bio-Inspired Models of Network, Information and Computing Systems, 2007. Bionetics 2007. 2nd

Conference_Location

Budapest

Print_ISBN

978-963-9799-05-9

Electronic_ISBN

978-963-9799-05-9

Type

conf

DOI

10.1109/BIMNICS.2007.4610090

Filename

4610090

Link To Document

https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=2719211