
Modified method of detecting DDoS attacks based on entropy

Cited by: 6
Abstract: Compared with other volume-based or feature-based detection methods, entropy-based detection of Distributed Denial of Service (DDoS) attacks is simple to compute, highly sensitive, has a low false positive rate, and adds neither extra network traffic nor extra hardware cost. To further improve the accuracy of DDoS attack detection and lower the false positive rate compared with traditional entropy-based approaches, a Modified Entropy-Based (MEB) detection scheme is proposed in this paper. The scheme divides DDoS attacks into different threat levels and applies a different number of detection rounds to attacks at each threat level. Simulation experiments in NS-2 validated the effectiveness of the scheme.
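Authors: 张洁, 秦拯

Source: Journal of Computer Applications (《计算机应用》), indexed in CSCD and the Peking University Core Journals list, 2010, No. 7, pp. 1778-1781 (4 pages)

Funding: National 973 Program of China (2007CB310702); Natural Science Foundation of Hunan Province (09JJ3124); Natural Science Foundation of Guangdong Province (7007730); Guangdong Provincial Science and Technology Plan Project (0711020400157); Dongguan Science and Technology Key Project (2006D1046 2007108101021)

Keywords: Distributed Denial of Service (DDoS); entropy; attack detection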
