• DocumentCode
    3527578
  • Title

    Distinguishing DDoS Attack from Flash Event Using Real-World Datasets with Entropy as an Evaluation Metric

  • Author

    Mahajan, Dhruv ; Sachdeva, Monika

  • Author_Institution
    Dept. of Comput. Sci. & Eng., Shaheed Bhagat Singh State Tech. Campus, Ferozpur, India
  • fYear
    2013
  • fDate
    21-23 Dec. 2013
  • Firstpage
    90
  • Lastpage
    94
  • Abstract
    DDoS attack distributed nature causes immense danger to network security. Their ability to send large amount of malicious traffic through multiple agents is a barrier in defending these attacks. Their detection still remains exigent. The situation gets worst as these attacks share similar characteristics with Flash Events where large quantity of legitimate requests come to server on spread of a newsworthy event. In this paper, we classify the DDoS attack from Flash Event using entropy as a metric based on randomness of source IP addresses on a web server. In this work, real-world datasets are used depicting real time scenario of both DDoS attack as well as Flash Event.
  • Keywords
    entropy; security of data; DDoS attack; Web server; distributed denial of service; entropy; evaluation metric; flash events; malicious traffic; network security; Computer crime; Entropy; IP networks; Iron; Web servers; Bots; DDoS Attack; Entropy; Flash Event; Randomness; datasets;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Machine Intelligence and Research Advancement (ICMIRA), 2013 International Conference on
  • Conference_Location
    Katra
  • Type

    conf

  • DOI
    10.1109/ICMIRA.2013.24
  • Filename
    6918801
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=3527578