Shannon Entropy Mixing Cumulative Sum Algorithm for DoS/DDoS Detection and Defense

Abstract

Nowadays, 5G networks have gradually entered people’s everyday lives, and the network services requested by users continue to grow. At the same time, hackers can be found everywhere: our information systems and network devices connected to the Internet may be attacked at any moment. 5G networks therefore require security mechanisms that automatically detect DoS/DDoS attacks. Many systems have been proposed, but none focuses on defending 5G networks against DoS/DDoS attacks. In other words, those 5G systems cannot effectively protect their users and facilities from DoS/DDoS attacks. Thus, this research proposes a network autonomous security system, named Detection and Defense of DoS/DDoS on 5G (DDD5G), which analyzes 5G network traffic and determines whether a protected system is under DoS/DDoS attack by using Shannon entropy (SE) and/or a mixed model. The latter mixes Shannon entropy and the Cumulative Sum Algorithm (CUSUM) to further enhance a system’s security level. Basically, Shannon entropy adopts the entropy derived from normal traffic at time intervals as the threshold and compares it with the entropy of other time intervals, denoted by T, to detect whether there are intrusions and attacks in T, while CUSUM collects traffic and checks whether it exceeds the predefined thresholds to determine if the system is under attack. We also evaluate the performance of these two methods. After simulating DDD5G on MiniNet, we confirm that the proposed system based on the two mentioned algorithms can effectively self-detect and defend against DoS/DDoS attacks without the need for human intervention.
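
The two detectors the abstract describes, as an added Python example that is not the authors' DDD5G code. It assumes entropy is taken over destination addresses per time window, CUSUM runs on per-window packet counts, and the mixed verdict requires both detectors to fire; the parameter values and sample traffic are constructed.

```python
import math
from collections import Counter

def shannon_entropy(items):
    """Shannon entropy in bits of the empirical distribution of items."""
    counts, total = Counter(items), len(items)
    return -sum(c / total * math.log2(c / total) for c in counts.values())

def cusum_alarms(values, mean, slack, limit):
    """One-sided CUSUM: window indices where accumulated excess exceeds limit."""
    s, alarms = 0.0, []
    for i, v in enumerate(values):
        s = max(0.0, s + v - mean - slack)  # only growth above mean+slack accumulates
        if s > limit:
            alarms.append(i)
            s = 0.0  # restart accumulation after raising an alarm
    return alarms

def detect(windows, baseline, margin=0.5, slack=5, limit=50):
    """Each window is a list of destination IPs, one entry per packet seen."""
    # Entropy threshold derived from normal traffic, as the abstract describes.
    h_thr = min(shannon_entropy(w) for w in baseline) - margin
    mean_rate = sum(len(w) for w in baseline) / len(baseline)
    se = [i for i, w in enumerate(windows) if shannon_entropy(w) < h_thr]
    cs = cusum_alarms([len(w) for w in windows], mean_rate, slack, limit)
    # Assumed mixing rule: report an attack only when both detectors agree.
    return {"entropy": se, "cusum": cs, "mixed": sorted(set(se) & set(cs))}

# Constructed sample traffic (not from the paper).
HOSTS = ["10.0.0.1", "10.0.0.2", "10.0.0.3", "10.0.0.4"]
NORMAL = HOSTS * 5                                  # 20 packets, evenly spread
SKEWED = ["10.0.0.1"] * 18 + ["10.0.0.2"] * 2       # normal volume, one busy host
FLOOD = ["10.0.0.1"] * 57 + ["10.0.0.2"] * 3        # 3x volume aimed at one host
BURST = HOSTS * 25                                  # 5x volume, evenly spread
BASELINE = [NORMAL] * 4
WINDOWS = [NORMAL, SKEWED, NORMAL, FLOOD, FLOOD, NORMAL, BURST]

if __name__ == "__main__":
    print(detect(WINDOWS, BASELINE))
```

On this sample the skewed but normal-volume window trips only the entropy check and the evenly spread burst trips only CUSUM. The sustained flood is the one case where both agree, on its second window once the CUSUM sum has built up.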

Acknowledgments

This study was financially supported in part by the Ministry of Science and Technology, Taiwan, under grants MOST 108–2221-E-029–009 and MOST 109–2221-E-029–017-MY2.

Author information

Authors and Affiliations

  1. Department of Computer Science, Tunghai University, Taichung, 407224, Taiwan
    Shih-Ting Chiu & Fang-Yie Leu
  2. Center for Innovative Engineering, Universiti Teknologi, Malaysia, Brunei
    Heru Susanto
  3. Emergency Response Management Center, Ming Chuan University, Guishan, Taoyuan, Taiwan
    Fang-Yie Leu

Authors

  1. Shih-Ting Chiu
  2. Heru Susanto
  3. Fang-Yie Leu

Corresponding author

Correspondence to Fang-Yie Leu.

Editor information

Editors and Affiliations

  1. Kookmin University, Seoul, Korea (Republic of)
    Ilsun You
  2. Sangmyung University, Cheonan-si, Korea (Republic of)
    Hwankuk Kim
  3. Middle East Technical University, Ankara, Türkiye
    Pelin Angin

Rights and permissions

© 2023 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.

About this paper

Cite this paper

Chiu, ST., Susanto, H., Leu, FY. (2023). Shannon Entropy Mixing Cumulative Sum Algorithm for DoS/DDoS Detection and Defense. In: You, I., Kim, H., Angin, P. (eds) Mobile Internet Security. MobiSec 2022. Communications in Computer and Information Science, vol 1644. Springer, Singapore. https://doi.org/10.1007/978-981-99-4430-9_18
