Title :
DDoS flooding attack detection through a step-by-step investigation
Author :
Jun, Jae-Hyun ; Oh, Hyunju ; Kim, Sung-ho
Author_Institution :
Electr. Eng. & Comput. Sci., Kyungpook Nat. Univ., Daegu, South Korea
Abstract :
Internet users are increases, distributed denial of service (DDoS) attack present a very serious threat to the stability of the internet. The DDoS attack, which is consuming all of the computing or communication resources necessary for the service, is known very difficult to protect. The threat posed by network attacks on large network, such as the internet, demands effective detection method. Therefore, an intrusion detection system on large network is need to efficient real-time detection. In this paper, we propose the entropy-based detection mechanism against DDoS attacks in order to guarantee the transmission of normal traffic and prevent the flood of abnormal traffic. The OPNET simulation results show that our ideas can provide enough services in DDoS attack.
Keywords :
Internet; computer network security; entropy; telecommunication traffic; DDoS flooding attack detection; Internet; OPNET simulation; abnormal traffic flood prevention; communication resources; computing resources; distributed denial-of-service attack; entropy-based detection mechanism; intrusion detection system; network attacks; normal traffic transmission; step-by-step investigation; Computer crime; Computers; Electronic mail; Entropy; IP networks; Internet; Servers; DDoS Detection; DDoS Flooding attack; Distributed Denial-of-Service; Entropy; Quaily-of-Service;
Conference_Titel :
Networked Embedded Systems for Enterprise Applications (NESEA), 2011 IEEE 2nd International Conference on
Conference_Location :
Fremantle, WA
Print_ISBN :
978-1-4673-0495-5
DOI :
10.1109/NESEA.2011.6144944
