| Title | Early detection of DDoS based on φ-entropy in SDN networks |
| Publication Type | Conference Paper |
| Year of Publication | 2020 |
| Authors | Li, R., Wu, B. |
| Conference Name | 2020 IEEE 4th Information Technology, Networking, Electronic and Automation Control Conference (ITNEC) |
| Date Published | jun |
| Keywords | attack detection, composability, Computer crime, computer network security, control logic, DDoS, DDoS attack detection, DDoS attack detection method, DDoS traffic formation, denial-of-service attack, distributed denial of service attack, Entropy, forwarding logic, Human Behavior, information entropy, IP networks, Metrics, Microsoft Windows, network architecture, network cyber security, pubcrawl, resilience, Resiliency, SDN, SDN networks, software defined networking, Switches, telecommunication traffic, φ-entropy |
| Abstract | Software defined network (SDN) is an emerging network architecture. Its control logic and forwarding logic are separated. SDN has the characteristics of centralized management, which makes it easier for malicious attackers to use the security vulnerabilities of SDN networks to implement distributed denial Service (DDoS) attack. Information entropy is a kind of lightweight DDoS early detection method. This paper proposes a DDoS attack detection method in SDN networks based on f-entropy. f-entropy can adjust related parameters according to network conditions and enlarge feature differences between normal and abnormal traffic, which can make it easier to detect attacks in the early stages of DDoS traffic formation. Firstly, this article demonstrates the basic properties of f-entropy, mathematically illustrates the feasibility of f-entropy in DDoS detection, and then we use Mini-net to conduct simulation experiments to compare the detection effects of DDoS with Shannon entropy. |
| DOI | 10.1109/ITNEC48623.2020.9084885 |
| Citation Key | li_early_2020 |
Early detection of DDoS based on φ-entropy in SDN networks