Visible to the public Early detection of DDoS based on φ-entropy in SDN networks

TitleEarly detection of DDoS based on φ-entropy in SDN networks
Publication TypeConference Paper
Year of Publication2020
AuthorsLi, R., Wu, B.
Conference Name2020 IEEE 4th Information Technology, Networking, Electronic and Automation Control Conference (ITNEC)
Date Publishedjun
Keywordsattack detection, composability, Computer crime, computer network security, control logic, DDoS, DDoS attack detection, DDoS attack detection method, DDoS traffic formation, denial-of-service attack, distributed denial of service attack, Entropy, forwarding logic, Human Behavior, information entropy, IP networks, Metrics, Microsoft Windows, network architecture, network cyber security, pubcrawl, resilience, Resiliency, SDN, SDN networks, software defined networking, Switches, telecommunication traffic, φ-entropy
AbstractSoftware defined network (SDN) is an emerging network architecture. Its control logic and forwarding logic are separated. SDN has the characteristics of centralized management, which makes it easier for malicious attackers to use the security vulnerabilities of SDN networks to implement distributed denial Service (DDoS) attack. Information entropy is a kind of lightweight DDoS early detection method. This paper proposes a DDoS attack detection method in SDN networks based on φ-entropy. φ-entropy can adjust related parameters according to network conditions and enlarge feature differences between normal and abnormal traffic, which can make it easier to detect attacks in the early stages of DDoS traffic formation. Firstly, this article demonstrates the basic properties of φ-entropy, mathematically illustrates the feasibility of φ-entropy in DDoS detection, and then we use Mini-net to conduct simulation experiments to compare the detection effects of DDoS with Shannon entropy.
Citation Keyli_early_2020