The spatio-temporal dynamics of packet traffic in data networks are complex, and monitoring them is a challenging task. We study whether the information entropy of packet traffic monitored at a selected set of nodes may provide a method for monitoring the network-wide behaviour of packet traffic and for detecting anomalous traffic, e.g., distributed denial-of-service (DDoS) attacks. We conduct our investigation for a packet-switching network model with static and dynamic routing. We show that the proposed information entropy method may detect changes in the "natural" randomness of the spatio-temporal distributions of packets among routers caused by anomalous traffic, and that the emerging anomalies are easier to detect for DDoS attacks with a larger number of attackers and/or on networks using static rather than dynamic routing. © 2009 Springer-Verlag Berlin Heidelberg.
Lawniczak, A. T., Wu, H., & Stefano, B. N. (2009). Detection of packet traffic anomalous behaviour via information entropy. In Studies in Computational Intelligence (Vol. 207, pp. 197–208). Springer Verlag. https://doi.org/10.1007/978-3-642-01206-8_17
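The idea in the abstract, sketched as an added example (not code from the paper): compute the normalized Shannon entropy of how packets are shared among a monitored set of routers in each time window, and flag windows whose entropy departs from a baseline. The baseline-plus-threshold rule, the parameters `k` and `min_sigma`, and the packet counts are assumptions constructed for illustration; the paper's own detection procedure is not given on this page.

```python
import math
from statistics import mean, pstdev

def normalized_entropy(counts):
    """Shannon entropy of the packet share per monitored router, scaled to [0, 1]."""
    total = sum(counts)
    if total == 0 or len(counts) < 2:
        return 0.0
    h = -sum((c / total) * math.log2(c / total) for c in counts if c > 0)
    return h / math.log2(len(counts))

def detect_anomalies(windows, baseline_len, k=3.0, min_sigma=1e-3):
    """Indices of windows whose entropy is more than k sigma from the baseline mean.

    The first `baseline_len` windows are assumed to be attack-free.
    `min_sigma` (hypothetical) keeps a very quiet baseline from making
    the detector fire on ordinary jitter.
    """
    series = [normalized_entropy(w) for w in windows]
    base = series[:baseline_len]
    mu = mean(base)
    sigma = max(pstdev(base), min_sigma)
    return [i for i in range(baseline_len, len(series))
            if abs(series[i] - mu) > k * sigma]

# Constructed sample: packets seen per window at 5 monitored routers.
# Windows 0-4 are the baseline; in windows 6-7 traffic piles up at router 2,
# as it would on the path towards a flooded destination.
SAMPLE_WINDOWS = [
    [100, 98, 103, 97, 102],
    [95, 105, 99, 101, 100],
    [110, 90, 100, 104, 96],
    [102, 97, 94, 108, 99],
    [98, 103, 101, 96, 102],
    [101, 99, 97, 104, 99],    # normal
    [100, 99, 450, 101, 98],   # anomalous concentration begins
    [97, 102, 900, 100, 99],   # anomalous concentration peaks
    [99, 100, 102, 98, 101],   # back to normal
]

if __name__ == "__main__":
    for i, w in enumerate(SAMPLE_WINDOWS):
        print(i, round(normalized_entropy(w), 4))
    print("anomalous windows:", detect_anomalies(SAMPLE_WINDOWS, baseline_len=5))
```

The entropy drops when packets concentrate on few routers, so the same per-window series can be plotted over time to watch network-wide behaviour from a small set of vantage points.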