Publication: Entropy-based input-output traffic mode detection scheme for DoS/DDoS attacks
Issued Date
2010-12-01
Other identifier(s)
2-s2.0-78651254040
Rights
Mahidol University
Rights Holder(s)
SCOPUS
Bibliographic Citation
ISCIT 2010 - 2010 10th International Symposium on Communications and Information Technologies. (2010), 804-809
Suggested Citation
Suratose Tritilanunt, Suphannee Sivakorn, Choochern Juengjincharoen, Ausanee Siripornpisan. Entropy-based input-output traffic mode detection scheme for DoS/DDoS attacks. ISCIT 2010 - 2010 10th International Symposium on Communications and Information Technologies. (2010), 804-809. doi:10.1109/ISCIT.2010.5665097 Retrieved from: https://repository.li.mahidol.ac.th/handle/123456789/28971
Abstract
Denial-of-service (DoS) attacks and distributed denial-of-service (DDoS) attacks attempt to temporarily disrupt users or computer resources to cause service unavailability to legitimate users in the internetworking system. The most common type of DoS attack occurs when adversaries flood a large amount of bogus data to interfere with or disrupt the service on the server. A volume-based scheme for detecting such attacks would not be able to inspect short-term denial-of-service attacks, and cannot distinguish between heavy load from legitimate users and a huge number of bogus messages from attackers. As a result, this paper provides a detection mechanism based on an entropy-based input-output traffic mode detection scheme. The experimental results demonstrate that our approach is able to detect several kinds of denial-of-service attacks, even a small spike of such attacks. ©2010 IEEE.
