Real-Time DDoS Detection Based on Entropy Using Hadoop Framework

Abstract

Distributed Denial of Service (DDoS) attacks are one of the biggest threats to public network infrastructure. In a DDoS attack, the victim is targeted with huge volume of traffic, which leads to its services being unavailable to the legitimate users and may even crash the entire system. There are many solutions that have been proposed till now but no robust solution is available to prevent the DDoS attacks in real time. Therefore, it needs to be tackled due to alarming and rapid increase in frequency and bandwidth of these attacks in recent time. In this paper, an algorithm to detect DDoS attacks has been implemented using Hadoop framework to analyze huge amount of traffic in real time. Entropy of source addresses has been used as a DDoS detection metric. We have implemented a testbed to evaluate the performance of the proposed system and observed that the detection system has performed efficiently in analyzing huge amount of traffic and is also able to detect real-time DDoS attacks with accuracy.