Please use this identifier to cite or link to this item:
https://hdl.handle.net/10356/85246
Title: | Power spectrum entropy based detection and mitigation of low-rate DoS attacks | Authors: | Chen, Zhaomin Yeo, Chai Kiat Lee, Bu Sung Lau, Chiew Tong |
Keywords: | Power Spectrum Entropy (PSE) Engineering::Computer science and engineering Low-Rate DoS (LDos) Attacks |
Issue Date: | 2018 | Source: | Chen, Z., Yeo, C. K., Lee, B. S., & Lau, C. T. (2018). Power spectrum entropy based detection and mitigation of low-rate DoS attacks. Computer Networks, 136, 80-94. doi:10.1016/j.comnet.2018.02.029 | Series/Report no.: | Computer Networks | Abstract: | Low-Rate DoS (LDoS) attacks send periodical packet bursts to the bottleneck routers which can throttle the bandwidth of TCP flows. They are difficult to detect while severely degrading the Quality of Service (QoS) of TCP applications. By combining Power Spectrum Analysis with Information Entropy, we introduce two novel information metrics to detect the LDoS attacks: Fourier Power Spectrum Entropy (FPSE) and Wavelet Power Spectrum Entropy (WPSE). As the energy of LDoS attack signal is mostly concentrated in the low-frequency range, FPSE and WPSE of LDoS attacks both exhibit lower values compared to those of normal flows. Therefore, these two metrics can be applied here to detect LDoS attacks efficiently. By evaluating on NS-3 simulations and real network traces, the results validate the effectiveness of these two metrics to differentiate LDoS attacks from normal flows. They can detect the LDoS attacks efficiently with fewer false alarms compared to the other detection mechanisms. Based on these two metrics, we also propose a Power Spectrum Entropy-based Robust-RED (PRRED) queuing algorithm to mitigate LDoS attacks. The evaluation results in NS-3 demonstrate that the proposed algorithm is able to effectively preserve the TCP bandwidth while countering the different LDoS attacks. | URI: | https://hdl.handle.net/10356/85246 http://hdl.handle.net/10220/49182 |
ISSN: | 1389-1286 | DOI: | 10.1016/j.comnet.2018.02.029 | Schools: | School of Computer Science and Engineering | Organisations: | Computer Network and Communication Graduate Lab | Rights: | © 2018 Elsevier B.V. All rights reserved. This paper was published in Computer Networks and is made available with permission of Elsevier B.V. | Fulltext Permission: | none | Fulltext Availability: | No Fulltext |
Appears in Collections: | SCSE Journal Articles |
SCOPUSTM
Citations
10
51
Updated on Mar 10, 2024
Web of ScienceTM
Citations
10
41
Updated on Oct 27, 2023
Page view(s) 50
458
Updated on Mar 19, 2024
Google ScholarTM
Check
Altmetric
Items in DR-NTU are protected by copyright, with all rights reserved, unless otherwise indicated.