What is it about?

Entropy formulas have been used in the detection of denial-of-service attacks for more than a decade. In this article we compare the performance of five entropy formulas using a dataset generated by emulation in the DETER testbed. Besides the well-known Shannon, Tsallis, and Renyi formulas, the comparison includes two more recent and less well-known ones: Bhatia-Singh and Ubriaco. Our goal is to check the conclusions of an earlier comparison, which used a dataset generated in a network simulator.
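To make the idea concrete, here is an added example (not code from the paper or its authors) that computes the Shannon, Tsallis and Renyi entropies of a per-window traffic distribution and flags windows where the entropy collapses. The feature used (destination address), the parameter value 2, the baseline length and the 0.5 threshold ratio are all assumptions chosen for illustration, and the sample traffic is constructed. The Bhatia-Singh and Ubriaco formulas are left out because this page does not give their definitions.

```python
import math
from collections import Counter

def probabilities(values):
    """Empirical distribution of a traffic feature within one time window."""
    counts = Counter(values)
    total = sum(counts.values())
    return [c / total for c in counts.values()]

def shannon(p):
    return -sum(x * math.log(x) for x in p)

def tsallis(p, q=2.0):
    # S_q = (1 - sum p_i^q) / (q - 1); reduces to Shannon as q -> 1
    if abs(q - 1.0) < 1e-9:
        return shannon(p)
    return (1.0 - sum(x ** q for x in p)) / (q - 1.0)

def renyi(p, alpha=2.0):
    # H_alpha = ln(sum p_i^alpha) / (1 - alpha); reduces to Shannon as alpha -> 1
    if abs(alpha - 1.0) < 1e-9:
        return shannon(p)
    return math.log(sum(x ** alpha for x in p)) / (1.0 - alpha)

FORMULAS = {"shannon": shannon, "tsallis": tsallis, "renyi": renyi}

def detect(windows, baseline_windows=2, ratio=0.5):
    """Per formula, list the windows whose entropy falls below
    ratio * (mean entropy of the first baseline_windows windows).
    Baseline length and ratio are assumed values, not taken from the paper."""
    flagged = {}
    for name, formula in FORMULAS.items():
        series = [formula(probabilities(w)) for w in windows]
        baseline = sum(series[:baseline_windows]) / baseline_windows
        flagged[name] = [i for i, h in enumerate(series)
                         if i >= baseline_windows and h < ratio * baseline]
    return flagged

# Constructed sample: destination addresses seen per window (TEST-NET-1 range).
HOSTS = ["192.0.2.%d" % n for n in range(1, 9)]
NORMAL = HOSTS * 10                       # 80 packets spread evenly over 8 hosts
ATTACK = NORMAL + ["192.0.2.1"] * 720     # flood concentrated on a single host
WINDOWS = [NORMAL, NORMAL, NORMAL, ATTACK, NORMAL]

if __name__ == "__main__":
    for name, idx in detect(WINDOWS).items():
        print(name, "flags windows", idx)
```

A flood aimed at one host concentrates the destination distribution, so all three entropies drop sharply in the attack window; how far each one drops relative to its baseline is where the formulas differ.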

Why is it important?

Denial-of-service attacks are an important phenomenon in today's Internet. They inflict huge losses on organizations that rely on the Internet for communication with their clients. On the other hand, an efficient defense is yet to be found. So this paper is an effort to build efficient detectors, as timely detection close to the source of the attack is crucial for the defense.

Perspectives

Emulation of DoS attacks in the context of DoS detection related research has certain advantages compared to the use of old datasets (such as KDD 99), network simulation or artificial injection of attack traffic into existing datasets. We tried to revise our earlier findings on the performance of five entropy formulas which were based on a dataset generated by simulation - this time using emulation for generation of the dataset.

Dr Ilija Basicevic
University of Novi Sad

Read the Original

This page is a summary of: On the use of generalized entropy formulas in detection of denial‐of‐service attacks, Security and Privacy, October 2020, Wiley,
DOI: 10.1002/spy2.134.