Abstract
The spatio-temporal dynamics of packet traffic in data networks are complex, and monitoring them is a challenging task. We study whether the information entropy of packet traffic monitored at a selected set of nodes may provide a method for monitoring network-wide behaviour of packet traffic and for detecting anomalous traffic, e.g., distributed denial-of-service (DDoS) attacks. We conduct our investigation for a packet switching network model with static and dynamic routing. We show that the proposed information entropy method may detect changes in the “natural” randomness of spatio-temporal distributions of packets among routers caused by anomalous traffic, and that the emerging anomalies are easier to detect for DDoS attacks with a larger number of attackers and/or on networks using static rather than dynamic routing.
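A minimal sketch of the monitoring idea described in the abstract, added here as an illustration and not taken from the chapter or its authors' simulator. It assumes the entropy is the Shannon entropy of each monitored router's share of packets per time window, and that an anomaly is a deviation from a baseline of known-normal windows. The function names, the threshold rule and the sample counts are all constructed for this example.

```python
import math
from statistics import mean, stdev

def shannon_entropy(counts):
    """Shannon entropy (bits) of the packet distribution over monitored routers."""
    total = sum(counts)
    if total == 0:
        return 0.0  # no traffic observed in this window
    return -sum((c / total) * math.log2(c / total) for c in counts if c > 0)

def normalized_entropy(counts):
    """Entropy scaled to [0, 1]; 1.0 means packets are spread evenly."""
    n = len(counts)
    return shannon_entropy(counts) / math.log2(n) if n > 1 else 0.0

def detect_anomalies(windows, baseline_len, k=3.0, min_shift=0.01):
    """Return indices of windows whose entropy departs from the baseline.

    Assumed rule (not from the chapter): flag a window when its normalized
    entropy differs from the baseline mean by more than max(k*sigma, min_shift).
    min_shift keeps a very quiet baseline from flagging ordinary jitter.
    """
    h = [normalized_entropy(w) for w in windows]
    mu = mean(h[:baseline_len])
    tolerance = max(k * stdev(h[:baseline_len]), min_shift)
    return [i for i in range(baseline_len, len(h)) if abs(h[i] - mu) > tolerance]

# Constructed sample: packets queued at 8 monitored routers per time window.
# Windows 0-4 form the baseline; in windows 6 and 7 traffic piles up at one
# router, as it would at a node on the path to a flooded destination.
WINDOWS = [
    [98, 102, 101, 99, 100, 97, 103, 100],
    [101, 99, 100, 102, 98, 100, 99, 101],
    [100, 100, 97, 103, 101, 99, 102, 98],
    [99, 101, 102, 98, 100, 103, 97, 100],
    [102, 98, 99, 101, 100, 100, 101, 99],
    [100, 99, 101, 100, 98, 102, 100, 100],
    [100, 98, 101, 900, 99, 102, 100, 100],
    [99, 101, 100, 1400, 100, 98, 102, 100],
    [101, 100, 99, 102, 98, 100, 100, 100],
]

if __name__ == "__main__":
    for i, w in enumerate(WINDOWS):
        print(i, round(normalized_entropy(w), 4))
    print("anomalous windows:", detect_anomalies(WINDOWS, baseline_len=5))
```

Because the rule uses the absolute deviation, it reacts to entropy moving in either direction, which matches the abstract's wording of "changes" in randomness rather than only drops.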
Copyright information
© 2009 Springer-Verlag Berlin Heidelberg
About this chapter
Cite this chapter
Lawniczak, A.T., Wu, H., Di Stefano, B.N. (2009). Detection of Packet Traffic Anomalous Behaviour via Information Entropy. In: Fortunato, S., Mangioni, G., Menezes, R., Nicosia, V. (eds) Complex Networks. Studies in Computational Intelligence, vol 207. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-01206-8_17
DOI: https://doi.org/10.1007/978-3-642-01206-8_17
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-01205-1
Online ISBN: 978-3-642-01206-8
eBook Packages: Engineering, Engineering (R0)