全部 标题 作者
关键词 摘要

OALib Journal期刊
ISSN: 2333-9721
费用:99美元

查看量下载量

相关文章

更多...

Using Renyi Cross Entropy to Analyze Traffic Matrix and Detect DDoS Attacks

Keywords: traffic matrix , Renyi cross entropy , DDoS attack , Anomaly detection , traffic analysis

Full-Text   Cite this paper   Add to My Lib

Abstract:

In this study, we propose Renyi cross entropy to analyze matrix traffic and detect anomaly rather than other entropy metrics, such as Shannon entropy, used extensively in many earlier studies. At first, we introduce a new type of traffic termed IF-flow (internal flow) collected in router. IF-flow can make the attack traffic more conspicuous in a large number of normal traffics, which makes attacks, especially DDoS attacks, spotted more easily. Then, the analysis of Renyi cross entropy of IF-flow matrix traffic, Abilene matrix traffic confirms that matrix traffic distribution has local stability in time. This conclusion provides a guidance to accurately detect anomaly. Finally, Renyi cross entropy is used to detect DDoS attacks existed in IF-flow testing data set and Abilene testing data set. The results of detection experiments show Renyi cross entropy based method can detect DDoS attacks at the beginning with higher detection rate, lower false alarm than Shannon entropy based method.

Full-Text

Contact Us

service@oalib.com

QQ:3279437679

WhatsApp +8615387084133