Abstract
Distributed denial of service attacks are great security threats to computer networks, especially to large scale networks such as WiMAX. Detecting this kind of attack is not as easy as some other attacks, because the traffic created by attack is too similar to the traffic of the network in the normal case. So in this paper a novel framework is proposed to detect DDoS attack in IEEE802.16-based networks efficiently. The key idea of the proposed method is to exploit some statistical features of the incoming traffic. In fact we design a system in which some entropy-based features of the traffic are analyzed. Based on these features we decide whether the attack has occurred or not. Previous works have all focused on the entropy of IP address of the incoming packets, while in this system we have comprehensively considered some other entropybased features which help a lot in detecting the attack rather than just considering the entropy of the incoming IP addresses. Also in the proposed method we have tried to exploit the long range dependency of the traffic to detect the attack. The simulation results show that the proposed method can detect DDoS attacks efficiently.
Access provided by Autonomous University of Puebla. Download to read the full chapter text
Chapter PDF
Similar content being viewed by others
References
Vafea, A.: Security of IEEE 802.16. Master of Information and Communication Systems Security, Department of Computer and Systems – Science Royal Institute of Technology (2006)
Jamshed, H.: Security Issues of IEEE 802.16 (WiMAX), School of Computer and Information Science, Edith Cowan University, Australia (2006)
Eren, E.: WiMAX Security Architecture – Analysis and Assessment. In: IEEE International Workshop on Intelligent Data Acquisition and Advanced Computing Systems: Technology and Applications Dortmund, Germany, September 6-8 (2007)
Youngwook, K., Hyoung-Kyu, L., Saewoong, B.: Shared Authentication Information for Preventing DDoS attacks in Mobile WiMAX Networks. In: IT R&D program of MIC/IITA. IEEE, Korea (2007)
Shon, T., Choi, W.: An Analysis of Mobile WiMAX Security: Vulnerabilities and Solutions. In: Enokido, T., Barolli, L., Takizawa, M. (eds.) NBiS 2007. LNCS, vol. 4658, pp. 88–97. Springer, Heidelberg (2007)
Boom, D.: Denial of Service Vulnerabilities in IEEE 802.16 Wireless Networks. Master Thesis at Naval Postgraduate School Monterey. IEEE, California (2004)
Nasreldin, M., Aslan, H., El-Hennawy, M., El-Hennawy, A.: WiMAX Security. In: 22nd International Conference on Advanced Information Networking and Applications, IEEE (2008)
Lee, K., Kim, J., Kwon, K.H., Han, Y., Kim, S.: DDoS attack detection method using cluster analysis. ESWA 34, 1659–1665 (2008)
George Nychis, V.S., Andersen, D.G., Kim, H., Zhang, H.: An Empirical Evaluation of Entropy-based Traffic Anomaly Detection. In: IMC 2008. ACM, Greece (2008)
Zhou, W., Yu, S.: Entropy-Based Collaborative Detection of DDOS Attacks on Community Networks. In: Sixth Annual IEEE International Conference on Pervasive Computing a and Communication (2008)
Kar, S., Sahoo, B.: An Anomaly Detection System for DDoS Attack in Grid Computing. International Journal of Computer Applications in Engineering, Technology and Sciences (ij-ca-ets) 1, 553 (2009)
IEEE Standard 802.16-2009: Air Interface for Broadband Wireless Access Systems (May 2009)
Taylor & Francis Group, WiMAX/MobileFi, Auerbach (2008) ISBN 978-1-4200-4351-8
Karagiannis, T., Molle, M., Faloutsos, M.: Long Range Dependence. IEEE Computer Society (2004) 1089-7801/04/$20.00
Millán, G., Lefranc, G.: Presentation of an Estimator for the Hurst parameter for a Self-similar Process Representing the Traffic in IEEE 802.3 Networks. Int. J. of Computers, Communications & Control IV(2), 137–147 (2009) ISSN 1841-9836, E-ISSN 1841-9844
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2011 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Shojaei, M., Movahhedinia, N., Tork Ladani, B. (2011). An Entropy Based Approach for DDoS Attack Detection in IEEE 802.16 Based Networks. In: Iwata, T., Nishigaki, M. (eds) Advances in Information and Computer Security. IWSEC 2011. Lecture Notes in Computer Science, vol 7038. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-25141-2_9
Download citation
DOI: https://doi.org/10.1007/978-3-642-25141-2_9
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-25140-5
Online ISBN: 978-3-642-25141-2
eBook Packages: Computer ScienceComputer Science (R0)