![Sample our Computer Science journals, sign in here to start your access, latest two full volumes FREE to you for 14 days]({"type":"image" , "src" : "/sda/5928/TOC-Subject-Sample-2021-Computer-Science.jpg"})
Abstract
Distributed Denail‐of‐Service (DDoS) attacks are a serious threat to the safety and security of cyberspace. In this paper we propose a novel metric to detect DDoS attacks in the Internet. More precisely, we use the function of order α of the generalized (Rényi) entropy to distinguish DDoS attacks traffic from legitimate network traffic effectively. In information theory, entropies make up the basis for distance and divergence measures among various probability densities. We design our abnormal‐based detection metric using the generalized entropy. The experimental results show that our proposed approach can not only detect DDoS attacks early (it can detect attacks one hop earlier than using the Shannon metric while order α = 2, and two hops earlier than the Shannon metric while order α = 10.) but can also reduce both the false positive rate and the false negative rate, compared with the traditional Shannon entropy metric approach.
Key words:
Notes
Corresponding author. (Tel: +61–3–92517603; Fax: +61–3–92517604; Email: {ktql, wanlei}@deakin.edu.au)