A DDoS Attack Detection Method Using Conditional Entropy Based on SDN Traffic

Qiwen Tian and Sumiko Miyata

Resumen

To detect each network attack in an SDN environment, an attack detection method is proposed based on an analysis of the features of the attack and the change in entropy of each parameter. Entropy is a parameter used in information theory to express a certain degree of order. However, with the increasing complexity of networks and the diversity of attack types, existing studies use a single entropy, which does not discriminate correctly between attacks and normal traffic and may lead to false positives. In this paper, we propose new state determination standards that use the normal distribution characteristics of the entropy value at the time which an attack did not occur, subdivide the normal and abnormal range represented by the entropy value, improving the accuracy of attack determination. Furthermore, we show the effectiveness of the proposed method by numerical analysis.

Palabras claves

entropy - SDN - attack detection - DDoS - abnormal traffic - flash crowds

Acceso

PÁGINAS

pp. 0 - 0

NÚMERO

Volumen: 4 Parte: 2 (2023)

MATERIAS

INFRAESTRUCTURA

REVISTAS SIMILARES

Future Internet
IoT
Big Data and Cognitive Computing

DOI

https://doi.org/10.3390/iot4020006

Artículos similares

The Robustness of Detecting Known and Unknown DDoS Saturation Attacks in SDN via the Integration of Supervised and Semi-Supervised Classifiers

Acceso

Samer Khamaiseh, Abdullah Al-Alaj, Mohammad Adnan and Hakam W. Alomari

The design of existing machine-learning-based DoS detection systems in software-defined networking (SDN) suffers from two major problems. First, the proper time window for conducting network traffic analysis is unknown and has proven challenging to deter... ver más

Revista: Future Internet

Improved DDoS Detection Utilizing Deep Neural Networks and Feedforward Neural Networks as Autoencoder

Acceso

Ahmed Latif Yaser, Hamdy M. Mousa and Mahmoud Hussein

Software-defined networking (SDN) is an innovative network paradigm, offering substantial control of network operation through a network?s architecture. SDN is an ideal platform for implementing projects involving distributed applications, security solut... ver más

Revista: Future Internet

Designing a Network Intrusion Detection System Based on Machine Learning for Software Defined Networks

Acceso

Abdulsalam O. Alzahrani and Mohammed J. F. Alenazi

Software-defined Networking (SDN) has recently developed and been put forward as a promising and encouraging solution for future internet architecture. Managed, the centralized and controlled network has become more flexible and visible using SDN. On the... ver más

Revista: Future Internet

An SDN-Enabled Architecture for IT/OT Converged Networks: A Proposal and Qualitative Analysis under DDoS Attacks

Acceso

Luca Foschini, Valentina Mignardi, Rebecca Montanari and Domenico Scotece

Real-time business practices require huge amounts of data directly from the production assets. This new thirst for accurate and timely data has forced the convergence of the traditionally business-focused information technology (IT) environment with the ... ver más

Revista: Future Internet

SDN Based Collaborative Scheme for Mitigation of DDoS Attacks

Acceso

Sufian Hameed and Hassan Ahmed Khan

Software Defined Networking (SDN) has proved itself to be a backbone in the new network design and is quickly becoming an industry standard. The idea of separation of control plane and data plane is the key concept behind SDN. SDN not only allows us to p... ver más

Revista: Future Internet

Revistas destacadas

Acceso directo a los números publicados en la revista Infrastructures

Infrastructures

Acceso directo a los números publicados en la revista Informed Infraestructure

Informed Infraestructure

Acceso directo a los números publicados en la revista BiT

Acceso directo a los números publicados en la revista Revista de la Construcción

Revista de la Construcción

Ver todas las revistas