DocumentCode :
3509779
Title :
A new relative entropy based app-DDoS detection method
Author :
Wang, Jin ; Yang, Xiaolong ; Long, Keping
Author_Institution :
Res. Center for Opt. Internet & Mobile Inf. Network, Univ. of Electron. Sci. & Technol. of China, Chengdu, China
fYear :
2010
fDate :
22-25 June 2010
Firstpage :
966
Lastpage :
968
Abstract :
Distributed Denial of Service (abbreviated DDoS) attack is a serious problem to the network services. This paper analyzed some solutions to the application layer DDoS (abbreviated app-DDoS) attack, and proposed a relative entropy based app-DDoS detection method. Our scheme includes two stages: learning stage and detection stage. Firstly at the learning stage, it extracts main click features of web objects with the cluster methods. Then at the detection stages, it computes the relative entropy for each session according to the learning result. The greater the session´s relative entropy, the more suspicious the session is. At last, simulation results suggest that this method can differentiate the attack session with high detection rate and low false negative ratio.
Keywords :
Humans; Indexes; DDoS; IP network; relative entropy;
fLanguage :
English
Publisher :
ieee
Conference_Titel :
Computers and Communications (ISCC), 2010 IEEE Symposium on
Conference_Location :
Riccione, Italy
ISSN :
1530-1346
Print_ISBN :
978-1-4244-7754-8
Type :
conf
DOI :
10.1109/ISCC.2010.5546587
Filename :
5546587
Link To Document :
https://search.ricest.ac.ir/dl/search/defaultta.aspx?DTC=49&DC=3509779
بازگشت