An Approach for Detecting Flooding Attack Based on Integrated Entropy Measurement in E-Mail Server

Capítulo de livro Revisado por pares

An Approach for Detecting Flooding Attack Based on Integrated Entropy Measurement in E-Mail Server

2013; Springer Science+Business Media; Linguagem: Inglês

10.1007/978-94-007-7262-5_107

ISSN

1876-1119

Autores

Hsing‐Chung Chen, Shian‐Shyong Tseng, Chuan-Hsien Mao, Chao-Ching Lee, Rendabel Churniawan,

Tópico(s)

Internet Traffic Analysis and Secure E-voting

Resumo

The aim of this study is to protect an electronic mail (email) server system based on an integrated Entropy calculation via detecting flooding attacks. Lots of approaches have been proposed by many researchers to detect packets accessing email whether are belonging to the normal or abnormal packets. Entropy is an approach of the mathematical theory of Communication; it can be used to measure the uncertainty or randomness in a random variable. A normal email server usually supports the four protocols consists of Simple Mail Transfer Protocol (SMTP), Post Office Protocol version 3 (POP3), Internet Message Access Protocol version 4 (IMAP4), and HTTPS being used by remote web-based email. However, in Internet, there are many flooding attacks will try to paralyze email server system. Therefore, we propose a new approach for detecting flooding attack based on Integrated Entropy Measurement in email server. Our approach can reduce the misjudge rate compared to conventional approaches.

Ver no editor

Altmetric

PlumX

Entrar

Lembrar minha senha

Receber meu e-mail de confirmação

An Approach for Detecting Flooding Attack Based on Integrated Entropy Measurement in E-Mail Server