Journal
PATTERN RECOGNITION LETTERS
Volume 51, Issue -, Pages 1-7
Publisher
ELSEVIER
DOI: 10.1016/j.patrec.2014.07.019
Keywords
DDoS attack; Information metric; Threat; Network traffic; Entropy
Funding
- Department of Information Technology and Council of Scientific & Industrial Research (CSIR), Government of India
Distributed Denial of Service (DDoS) attacks represent a major threat to uninterrupted and efficient Internet service. In this paper, we empirically evaluate several major information metrics, namely Hartley entropy, Shannon entropy, Rényi's entropy, generalized entropy, Kullback-Leibler divergence and generalized information distance measure, for their ability to detect both low-rate and high-rate DDoS attacks. These metrics can be used to describe characteristics of network traffic data, and an appropriate metric facilitates building an effective model to detect both low-rate and high-rate DDoS attacks. We use MIT Lincoln Laboratory, CAIDA and TUIDS DDoS datasets to illustrate the efficiency and effectiveness of each metric for DDoS detection. © 2014 Elsevier B.V. All rights reserved.