{"title":"Cusum - entropy: an efficient method for DDoS attack detection","authors":"Ilker Özçelik, R. Brooks","doi":"10.1109/SGCF.2016.7492429","DOIUrl":null,"url":null,"abstract":"Computers and Internet have evolved into necessary tools for our professional, personal and social lives. As a result of growing dependence, the availability of these systems has become a concern. This concern increases exponentially when considering systems such as smart power grids and public utility services. Therefore, research should be conducted to develop effective ways of detecting system anomalies. Denial of Service attacks are an important problem for the communication systems. Researchers proposed many DDoS detection approaches. In this study, we propose a novel DDoS detection approach: Cusum - Entropy. Our approach performs additional signal processing on the entropy of the packet header field to improve detection efficiency. We tested our approach using operational network traffic and performing DDoS attacks without jeopardizing the operation network. Our results showed that our approach gives high detection and low false positive rates and outperforms the detection approach using the entropy of packet header field.","PeriodicalId":403426,"journal":{"name":"2016 4th International Istanbul Smart Grid Congress and Fair (ICSG)","volume":"22 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2016-04-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"31","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2016 4th International Istanbul Smart Grid Congress and Fair (ICSG)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SGCF.2016.7492429","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Cusum - entropy: an efficient method for DDoS attack detection
Computers and Internet have evolved into necessary tools for our professional, personal and social lives. As a result of growing dependence, the availability of these systems has become a concern. This concern increases exponentially when considering systems such as smart power grids and public utility services. Therefore, research should be conducted to develop effective ways of detecting system anomalies. Denial of Service attacks are an important problem for the communication systems. Researchers proposed many DDoS detection approaches. In this study, we propose a novel DDoS detection approach: Cusum - Entropy. Our approach performs additional signal processing on the entropy of the packet header field to improve detection efficiency. We tested our approach using operational network traffic and performing DDoS attacks without jeopardizing the operation network. Our results showed that our approach gives high detection and low false positive rates and outperforms the detection approach using the entropy of packet header field.