An Advanced Entropy-Based DDOS Detection Scheme
Prior work has shown that entropy-based DDOS detection is suitable for detecting low-rate DOS. A key challenge in this approach is determining the most suitable threshold for detecting DDOS attacks accurately. To address this challenge, we propose an advanced entropy-based (AEB) scheme, which divides variable-rate DDOS attacks into different fields and treats each field with different methods. Compared with prior entropy-based approaches, our scheme performs significantly better at distinguishing waves of legal traffic and flash crowds from low-rate DOS. We validate the effectiveness of our scheme by conducting extensive simulation in NS-2. Both theoretical analysis and experimental results show that our scheme can efficiently detect DDOS attacks with high accuracy.
DDOS Entropy-based Attacking Detection
Jie Zhang, Zheng Qin, Lu Ou, Pei Jiang, JianRong Liu, Alex X. Liu
College of Software, Hunan University, Changsha, Hunan 410082, China; Dept. of CSE, Michigan State University, East Lansing, MI 48824-1266, U.S.A.
International conference
Kunming
English
67-71
2010-10-17 (date first made available online on the Wanfang platform; does not represent the paper's publication date)