A DDoS Attack Detection Method Using Conditional Entropy Based on SDN Traffic

Qiwen Tian, Sumiko Miyata

Research output: Article, peer-reviewed

1 citation (Scopus)

Abstract

To detect each network attack in an SDN environment, an attack detection method is proposed based on an analysis of the features of the attack and the change in entropy of each parameter. Entropy is a parameter used in information theory to express a certain degree of order. However, with the increasing complexity of networks and the diversity of attack types, existing studies use a single entropy, which does not discriminate correctly between attacks and normal traffic and may lead to false positives. In this paper, we propose new state determination standards that use the normal distribution characteristics of the entropy value at times when an attack did not occur and subdivide the normal and abnormal ranges represented by the entropy value, improving the accuracy of attack determination. Furthermore, we show the effectiveness of the proposed method by numerical analysis.

Original language: English
Pages (from-to): 95-111
Number of pages: 17
Journal: Internet of Things
Volume: 4
Issue number: 2
Publication status: Published - Jun 2023

ASJC Scopus subject areas

  • Computer Science (miscellaneous)
  • Engineering (miscellaneous)
  • Electrical and Electronic Engineering
