Networking and Communication Engineering

Open Access Open Access  Restricted Access Subscription Access
Open Access Open Access Open Access  Restricted Access Restricted Access Subscription Access

Entropy Variation Based Detecting DDoS Attack in Large Scale Networks


Affiliations
1 Department of Computer Science and Engineering, Mohamed Sathak Engineering College, Kilakarai–623 806, India
     

   Subscribe/Renew Journal


A distributed denial-of-service (DDoS) attack is an attempt to make a computer resource unavailable to its intended users. A number of IP traceback approaches have been suggested to identify attackers and there are two major methods for IP traceback, the probabilistic packet marking (PPM) and the deterministic packet marking (DPM) Both of these strategies require routers to inject marks into individual packets. The memory less feature occur in the Internet routing mechanisms makes it extremely hard for old mechanisms. So newly introduced effective and efficient IP traceback scheme against DDoS attacks based on entropy variations. In traceback mechanisms identifying the number of zombies in large scale network and all so give the authentication for blocked users. It works as an independent software module with current routing software. When the attack strength is less than seven times of the normal flow packet rate, this efficient IP trace back method cannot succeed at the moment. However, we can detect the attack with the information that we have accumulated so far using Markov-Chain Model for Cyber-Attack Detection. This makes it a feasible and easy to be implemented solution for the current Internet.

Keywords

DDoS, Entropy Variation, Flow, IP Trace back, Hidden Markov-Chain Model, Intrusion Detection.
User
Subscription Login to verify subscription
Notifications
Font Size

Abstract Views: 153

PDF Views: 2




  • Entropy Variation Based Detecting DDoS Attack in Large Scale Networks

Abstract Views: 153  |  PDF Views: 2

Authors

M. Uthaya Kumar
Department of Computer Science and Engineering, Mohamed Sathak Engineering College, Kilakarai–623 806, India
B. Aysha Banu
Department of Computer Science and Engineering, Mohamed Sathak Engineering College, Kilakarai–623 806, India

Abstract


A distributed denial-of-service (DDoS) attack is an attempt to make a computer resource unavailable to its intended users. A number of IP traceback approaches have been suggested to identify attackers and there are two major methods for IP traceback, the probabilistic packet marking (PPM) and the deterministic packet marking (DPM) Both of these strategies require routers to inject marks into individual packets. The memory less feature occur in the Internet routing mechanisms makes it extremely hard for old mechanisms. So newly introduced effective and efficient IP traceback scheme against DDoS attacks based on entropy variations. In traceback mechanisms identifying the number of zombies in large scale network and all so give the authentication for blocked users. It works as an independent software module with current routing software. When the attack strength is less than seven times of the normal flow packet rate, this efficient IP trace back method cannot succeed at the moment. However, we can detect the attack with the information that we have accumulated so far using Markov-Chain Model for Cyber-Attack Detection. This makes it a feasible and easy to be implemented solution for the current Internet.

Keywords


DDoS, Entropy Variation, Flow, IP Trace back, Hidden Markov-Chain Model, Intrusion Detection.