Power spectrum entropy based detection and mitigation of low-rate DoS attacks
Low-Rate DoS (LDoS) attacks send periodical packet bursts to the bottleneck routers which can throttle the bandwidth of TCP flows. They are difficult to detect while severely degrading the Quality of Service (QoS) of TCP applications. By combining Power Spectrum Analysis with Information Entropy, we...
Saved in:
| Main Authors: | , , , |
|---|---|
| Other Authors: | |
| Format: | Article |
| Language: | English |
| Published: |
2019
|
| Subjects: | |
| Online Access: | https://hdl.handle.net/10356/85246 http://hdl.handle.net/10220/49182 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Nanyang Technological University |
| Language: | English |
| id |
sg-ntu-dr.10356-85246 |
|---|---|
| record_format |
dspace |
| spelling |
sg-ntu-dr.10356-852462020-03-07T11:48:55Z Power spectrum entropy based detection and mitigation of low-rate DoS attacks Chen, Zhaomin Yeo, Chai Kiat Lee, Bu Sung Lau, Chiew Tong School of Computer Science and Engineering Computer Network and Communication Graduate Lab Power Spectrum Entropy (PSE) Engineering::Computer science and engineering Low-Rate DoS (LDos) Attacks Low-Rate DoS (LDoS) attacks send periodical packet bursts to the bottleneck routers which can throttle the bandwidth of TCP flows. They are difficult to detect while severely degrading the Quality of Service (QoS) of TCP applications. By combining Power Spectrum Analysis with Information Entropy, we introduce two novel information metrics to detect the LDoS attacks: Fourier Power Spectrum Entropy (FPSE) and Wavelet Power Spectrum Entropy (WPSE). As the energy of LDoS attack signal is mostly concentrated in the low-frequency range, FPSE and WPSE of LDoS attacks both exhibit lower values compared to those of normal flows. Therefore, these two metrics can be applied here to detect LDoS attacks efficiently. By evaluating on NS-3 simulations and real network traces, the results validate the effectiveness of these two metrics to differentiate LDoS attacks from normal flows. They can detect the LDoS attacks efficiently with fewer false alarms compared to the other detection mechanisms. Based on these two metrics, we also propose a Power Spectrum Entropy-based Robust-RED (PRRED) queuing algorithm to mitigate LDoS attacks. The evaluation results in NS-3 demonstrate that the proposed algorithm is able to effectively preserve the TCP bandwidth while countering the different LDoS attacks. 2019-07-08T09:02:36Z 2019-12-06T16:00:21Z 2019-07-08T09:02:36Z 2019-12-06T16:00:21Z 2018 Journal Article Chen, Z., Yeo, C. K., Lee, B. S., & Lau, C. T. (2018). Power spectrum entropy based detection and mitigation of low-rate DoS attacks. Computer Networks, 136, 80-94. doi:10.1016/j.comnet.2018.02.029 1389-1286 https://hdl.handle.net/10356/85246 http://hdl.handle.net/10220/49182 10.1016/j.comnet.2018.02.029 en Computer Networks © 2018 Elsevier B.V. All rights reserved. This paper was published in Computer Networks and is made available with permission of Elsevier B.V. |
| institution |
Nanyang Technological University |
| building |
NTU Library |
| country |
Singapore |
| collection |
DR-NTU |
| language |
English |
| topic |
Power Spectrum Entropy (PSE) Engineering::Computer science and engineering Low-Rate DoS (LDos) Attacks |
| spellingShingle |
Power Spectrum Entropy (PSE) Engineering::Computer science and engineering Low-Rate DoS (LDos) Attacks Chen, Zhaomin Yeo, Chai Kiat Lee, Bu Sung Lau, Chiew Tong Power spectrum entropy based detection and mitigation of low-rate DoS attacks |
| description |
Low-Rate DoS (LDoS) attacks send periodical packet bursts to the bottleneck routers which can throttle the bandwidth of TCP flows. They are difficult to detect while severely degrading the Quality of Service (QoS) of TCP applications. By combining Power Spectrum Analysis with Information Entropy, we introduce two novel information metrics to detect the LDoS attacks: Fourier Power Spectrum Entropy (FPSE) and Wavelet Power Spectrum Entropy (WPSE). As the energy of LDoS attack signal is mostly concentrated in the low-frequency range, FPSE and WPSE of LDoS attacks both exhibit lower values compared to those of normal flows. Therefore, these two metrics can be applied here to detect LDoS attacks efficiently. By evaluating on NS-3 simulations and real network traces, the results validate the effectiveness of these two metrics to differentiate LDoS attacks from normal flows. They can detect the LDoS attacks efficiently with fewer false alarms compared to the other detection mechanisms. Based on these two metrics, we also propose a Power Spectrum Entropy-based Robust-RED (PRRED) queuing algorithm to mitigate LDoS attacks. The evaluation results in NS-3 demonstrate that the proposed algorithm is able to effectively preserve the TCP bandwidth while countering the different LDoS attacks. |
| author2 |
School of Computer Science and Engineering |
| author_facet |
School of Computer Science and Engineering Chen, Zhaomin Yeo, Chai Kiat Lee, Bu Sung Lau, Chiew Tong |
| format |
Article |
| author |
Chen, Zhaomin Yeo, Chai Kiat Lee, Bu Sung Lau, Chiew Tong |
| author_sort |
Chen, Zhaomin |
| title |
Power spectrum entropy based detection and mitigation of low-rate DoS attacks |
| title_short |
Power spectrum entropy based detection and mitigation of low-rate DoS attacks |
| title_full |
Power spectrum entropy based detection and mitigation of low-rate DoS attacks |
| title_fullStr |
Power spectrum entropy based detection and mitigation of low-rate DoS attacks |
| title_full_unstemmed |
Power spectrum entropy based detection and mitigation of low-rate DoS attacks |
| title_sort |
power spectrum entropy based detection and mitigation of low-rate dos attacks |
| publishDate |
2019 |
| url |
https://hdl.handle.net/10356/85246 http://hdl.handle.net/10220/49182 |
| _version_ |
1681045480687009792 |