An Entropy based DDoS detection method and implementation
Date
2019
Author
Yücebaş, Süleyman Fürkan
This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.
Distributed Denial of Service (DDoS) is a type of cyber attack that involves multiple computer sources and aims to temporarily or permanently deactivate the service provided by a device. This attack type has repeatedly been listed as one of the most used attack types and accounts for a large portion of all cyber attacks. These attacks are also increasing day by day and pose a threat to the cyber security ecosystem. In today's world, these attacks target organizations worldwide and cause them to suffer. DDoS attacks are easy to employ but hard to prevent. There are various methods to decrease the impact of attacks, but none of them is an exact solution. Further research on DDoS detection approaches shows that methods using statistical approaches perform better than other approaches. In this thesis, we describe an entropy-based detection method and implement it on software-defined networks (SDN). The performance of the method is evaluated for various attack types. We propose the use of multiple entropy values and a novel alarm determination based on these entropy values. We conducted a series of experiments with real datasets for four different attack types to evaluate our method. We compare the effectiveness of our entropy parameter selection (5 single attributes and 10 pairs of attributes) to entropy calculation with all 3-element and 4-element subsets. The results show that our method detects the most common attack types at very early stages.
Subject Keywords
Software-defined networking (Computer network technology), DoS, DDoS, SDN, entropy, detection methods.
URI
http://etd.lib.metu.edu.tr/upload/12624825/index.pdf
https://hdl.handle.net/11511/45540
Collections
Graduate School of Informatics, Thesis