Abstract
A Distributed Denial-of-Service (DDoS) attack is a distributed, coordinated attack on the availability of the services of a target system or network, launched indirectly through many compromised computing systems. A low-rate DDoS attack is an intelligent attack in which the attacker sends attack packets to the victim at a rate low enough to elude current anomaly-based detection. An information metric can quantify the differences between network traffic with various probability distributions. This paper proposes an anomaly-based approach that uses two new information metrics, the generalized entropy metric and the information distance metric, to detect low-rate DDoS attacks by measuring the difference between legitimate traffic and attack traffic. The DDoS attack detection metric is combined with an IP traceback algorithm to form an effective collaborative defense mechanism against DDoS attacks.
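The following sketch illustrates the idea of comparing per-source traffic distributions with the two metrics; it is an added example, not code from the paper. The abstract gives no formulas, so it assumes the generalized entropy is the Rényi entropy of order α and the information distance is the symmetric Rényi divergence; the function names, α = 2, the 0.1 threshold and the packet counts are constructed for illustration.

```python
import math

def distribution(counts, support):
    """Packet share per source over a fixed support. Add-one smoothing keeps
    the divergence finite when a source is absent from one window."""
    total = sum(counts.get(s, 0) for s in support) + len(support)
    return [(counts.get(s, 0) + 1) / total for s in support]

def generalized_entropy(p, alpha):
    """Renyi entropy of order alpha in bits (assumed form of the metric);
    alpha == 1 is handled as the Shannon limit."""
    if abs(alpha - 1.0) < 1e-9:
        return -sum(x * math.log2(x) for x in p if x > 0)
    return math.log2(sum(x ** alpha for x in p if x > 0)) / (1.0 - alpha)

def renyi_divergence(p, q, alpha):
    """D_alpha(P||Q) in bits, for alpha > 0, alpha != 1 and strictly positive q."""
    s = sum(a ** alpha * b ** (1.0 - alpha) for a, b in zip(p, q))
    return math.log2(s) / (alpha - 1.0)

def information_distance(p, q, alpha):
    """Symmetric distance D_alpha(P||Q) + D_alpha(Q||P) (assumed form)."""
    return renyi_divergence(p, q, alpha) + renyi_divergence(q, p, alpha)

# Constructed sample data: packets per source address in one time window.
LEGIT = ["192.0.2.%d" % i for i in range(1, 9)]
BOTS = ["198.51.100.%d" % i for i in range(1, 5)]
SUPPORT = LEGIT + BOTS
BASELINE = dict(zip(LEGIT, [40, 30, 25, 20, 15, 10, 5, 5]))
NORMAL = dict(zip(LEGIT, [38, 32, 24, 21, 14, 11, 6, 4]))  # ordinary jitter
ATTACK = {**BASELINE, **dict.fromkeys(BOTS, 6)}  # four low-rate sources added

def is_anomalous(baseline, window, alpha=2.0, threshold=0.1):
    """Flag a window whose distance from the baseline exceeds the threshold."""
    p = distribution(baseline, SUPPORT)
    q = distribution(window, SUPPORT)
    return information_distance(p, q, alpha) > threshold

if __name__ == "__main__":
    base = distribution(BASELINE, SUPPORT)
    for name, win in (("normal", NORMAL), ("attack", ATTACK)):
        q = distribution(win, SUPPORT)
        print(name, round(generalized_entropy(q, 2.0), 3),
              round(information_distance(base, q, 2.0), 4),
              is_anomalous(BASELINE, win))
```

In this constructed data the attack sources contribute about 14% of the packets, yet the distance from the baseline is far larger than the distance between two legitimate windows.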
Copyright information
© 2013 Springer Science+Business Media New York
About this paper
Cite this paper
Senthilmahesh, P.C., Hemalatha, S., Rodrigues, P., Shanthakumari, A. (2013). DDoS Attacks Defense System Using Information Metrics. In: Das, V. (eds) Proceedings of the Third International Conference on Trends in Information, Telecommunication and Computing. Lecture Notes in Electrical Engineering, vol 150. Springer, New York, NY. https://doi.org/10.1007/978-1-4614-3363-7_3
DOI: https://doi.org/10.1007/978-1-4614-3363-7_3
Publisher Name: Springer, New York, NY
Print ISBN: 978-1-4614-3362-0
Online ISBN: 978-1-4614-3363-7
eBook Packages: Engineering, Engineering (R0)