Title :
Detection & study of DDoS attacks via entropy in data network models
Author :
Lawniczak, Anna T. ; Di Stefano, Bruno N. ; Wu, Hao
Author_Institution :
Dept. Math. & Stat., Univ. of Guelph, Guelph, ON, Canada
Abstract :
We detect & study packet traffic anomalies similar to DDoS attacks using information entropy. We perform network-wide monitoring of information entropy of packet traffic at a small number of selected routers. Our method is based on the fact that DDoS attacks change the "natural" order and randomness of packet traffic passing through monitored routers when an attack is taking place in the network. Through this change we detect the start of the attack and study its evolution. We conduct this study for packet-switching networks using static and dynamic routing.
Keywords :
entropy; packet switching; telecommunication security; telecommunication traffic; DDoS attack; data network model; denial of service attack; dynamic routing; information entropy; network wide monitoring; packet switching network; packet traffic anomaly; static routing; Computational intelligence; Computer crime; Computer networks; Computer security; Data security; Floods; Information entropy; Internet; Monitoring; Telecommunication traffic;
Conference_Title :
Computational Intelligence for Security and Defense Applications, 2009. CISDA 2009. IEEE Symposium on
Conference_Location :
Ottawa, ON
Print_ISBN :
978-1-4244-3763-4
Electronic_ISBN :
978-1-4244-3764-1
DOI :
10.1109/CISDA.2009.5356521