Sprinkling Data :Prevent Pollution Attacks Using Entropy Variation
Journal Title: International Journal of Research in Computer and Communication Technology - Year 2013, Vol 2, Issue 11
Abstract
The Distributed Denial-of-Service (DDoS) attacks are a critical threat to the Internet. Recently there are an increasing number of DDoS attacks against online services and Web applications. However the memoryless feature of the Internet routing mechanisms makes it extremely hard to trace back to the source of these attacks. These attacks are targeting the application level. Detecting application layer DDOS attack is not an easy task. In this paper, we propose a novel trace back method for DDoS attacks that is based on entropy variations between normal and DDoS attack traffic which is fundamentally different from commonly used packet marking techniques. The idea is to detect abrupt traffic changes across multiple network domains at the earliest time. The suspicious requests are identified based onthe variation in entropy and a rate limiter is introduced to downgrade services to malicioususers. In addition to a scheduler is include to schedule the session based on the trust score of theuser and the system workload .
Authors and Affiliations
Anil Kumar Battula, S Amarnath Babu
Keywords
Related Articles
- EP ID EP27749
- DOI -
- Views 267
- Downloads 2
Design and Implementation of FPGA Radix-4 Booth Multiplication Algorithm
Fast multipliers are essential parts of digital signal processing systems.The system performance is based on the performance of multiplier used in the system, because it is the slowest component among all components...
A New Dynamic Privacy Grid Mechanism for Location Based Services
Appropriate to the nature of the data being swap over between the user and the server, the common changing of the user’s name provides modest shield for the user’s privacy. A more recent investigation of the mix-zone...
AODV, DSDV Performance Analysis with TCP Reno, TCP NewReno, TCP Vegas And TCP Tahoe on Mobile Ad-hoc Networksusing NS2
A mobile ad-hoc network (MANET) is a network that doesn’t need any infrastructure which is capable of communicating between nodes without any centralized administration. MANET is the best choice which is of less cost...
Power Analysis of Concurrent Error Detection in Orthogonal Latin Squares Codec
One of the major drawbacks of the data transmission is existence of errors. These errors exist in the circuits for transmission, reception and data storage. Error correction codes (ECCs) are commonly used toprotect me...
Novel Resource Allocation Algorithm for Cloud System That Supports VM-Multiplexing Technology
Formulation of a deadline-driven resource allocation problem based on the cloud environment assist with VM resource isolation technology and also suggests a novel solution with polynomial time which could minimize us...