Investigating Real-Time Entropy Features of DDoS Attack Based on Categorized Partial-Flows

Title: Investigating Real-Time Entropy Features of DDoS Attack Based on Categorized Partial-Flows
Publication Type: Conference Paper
Year of Publication: 2020
Authors: Lotfalizadeh, H., Kim, D. S.
Conference Name: 2020 14th International Conference on Ubiquitous Information Management and Communication (IMCOM)
Keywords: categorized partial-flows, composability, Computer crime, computer network security, computer networks, DDoS attack detection, DDoS attack detection capabilities, Entropy, feature extraction, Human Behavior, Internet, Internet of Things, IoT devices, IP networks, Metrics, OpenFlow, openflowbased switch capabilities, packet count entropies, Partial flow, Protocols, pubcrawl, real-time entropy features, Real-time Systems, resilience, Resiliency, SDN, SDN technology, software defined networking, software-defined networking, Switches
Abstract: With the advent of IoT devices and exponential growth of nodes on the internet, computer networks are facing new challenges, with one of the more important ones being DDoS attacks. In this paper, new features to detect initiation and termination of DDoS attacks are investigated. The method to extract these features is devised with respect to some OpenFlow-based switch capabilities. These features provide us with a higher resolution to view and process packet count entropies, thus improving DDoS attack detection capabilities. Although some of the technical assumptions are based on SDN technology and OpenFlow protocol, the methodology can be applied in other networking paradigms as well.
Citation Key: lotfalizadeh_investigating_2020