A New Information-Based Heuristic for Distributed DDoS Detection and Mitigation: Distributed and Collaborative DDoS Detection

Nafir , Abdenacer; Mazouzi , Smaine; Chikhi ,Salim

A New Information-Based Heuristic for Distributed DDoS Detection and Mitigation: Distributed and Collaborative DDoS Detection

Files

A New Information-Based Heuristic for Distributed DDoS Detection and Mitigation Distributed and Collaborative DDoS Detection.pdf (683.58 KB)

Date

2022

Authors

Nafir , Abdenacer

Mazouzi , Smaine

Chikhi ,Salim

Publisher

International Journal of Organizational and Collective Intelligence Volume 12 • Issue 4

Abstract

In this paper a novel collective method for DDoS detection is introduced. The method is distributed and implemented as a multi-agent system, and where local decision is based on an informationbased heuristic, namely the entropy. According the calculated entropy a router exchange data with its neighbors aiming at collectively decide if a DDoS is ongoing or not. Most of the works of the literature that are based on the entropy they have used source addresses. The authors’ method is based on the entropy of the distances traveled by the packets, so spoofing IP packets will be hard to perform by hackers. Each router combines its decision with those of its neighbors. Such a collective detection allows to apply defense against the attack despite the victim is out of service or cannot perform DDoS mitigation because the traffic is congested in its neighborhood. Conducted experiments using the platform OMNet++ show the potential of the new method for efficient collaborative and distributed detection and mitigation of DDoS attacks.

URI

http://dspace.univ-skikda.dz:4000/handle/123456789/1854

Collections

Informatique

Full item page