A New Information-Based Heuristic for Distributed DDoS Detection and Mitigation: Distributed and Collaborative DDoS Detection

Abdenacer Nafir, Smaine Mazouzi, Salim Chikhi
Copyright: © 2022 | Volume: 12 | Issue: 4 | Pages: 16
ISSN: 1947-9344 | EISSN: 1947-9352 | EISBN13: 9781683181415 | DOI: 10.4018/IJOCI.312221
Cite Article

MLA

Nafir, Abdenacer, et al. "A New Information-Based Heuristic for Distributed DDoS Detection and Mitigation: Distributed and Collaborative DDoS Detection." IJOCI vol.12, no.4 2022: pp.1-16. http://doi.org/10.4018/IJOCI.312221

APA

Nafir, A., Mazouzi, S., & Chikhi, S. (2022). A New Information-Based Heuristic for Distributed DDoS Detection and Mitigation: Distributed and Collaborative DDoS Detection. International Journal of Organizational and Collective Intelligence (IJOCI), 12(4), 1-16. http://doi.org/10.4018/IJOCI.312221

Chicago

Nafir, Abdenacer, Smaine Mazouzi, and Salim Chikhi. "A New Information-Based Heuristic for Distributed DDoS Detection and Mitigation: Distributed and Collaborative DDoS Detection," International Journal of Organizational and Collective Intelligence (IJOCI) 12, no.4: 1-16. http://doi.org/10.4018/IJOCI.312221

Abstract

In this paper, a novel collective method for DDoS detection is introduced. The method is distributed and implemented as a multi-agent system in which each local decision is based on an information-based heuristic, namely the entropy. According to the calculated entropy, a router exchanges data with its neighbors in order to decide collectively whether a DDoS is ongoing or not. Most of the entropy-based works in the literature have used source addresses. The authors' method is based on the entropy of the distances traveled by the packets, so spoofing IP packets will be hard for hackers to perform. Each router combines its decision with those of its neighbors. Such collective detection allows defense to be applied against the attack even when the victim is out of service or cannot perform DDoS mitigation because the traffic is congested in its neighborhood. Experiments conducted on the OMNeT++ platform show the potential of the new method for efficient collaborative and distributed detection and mitigation of DDoS attacks.
