DETECTION OF DDOS ATTACK USING ENTROPY APPROACH
DOI:
https://doi.org/10.64751/ijdim.2026.v5.n2(2).pp15-17
Keywords:
DDoS Attack, Entropy Analysis, Network Security, Anomaly Detection, Traffic Monitoring, Attack Detection, Real-Time Detection, Information Theory
Abstract
Distributed Denial of Service (DDoS) attacks remain one of the most significant threats to network security, causing service disruption, financial loss, and degradation of system performance. Traditional detection methods often fail to identify DDoS attacks in real time due to the high volume and distributed nature of attack traffic. This research proposes an entropy-based detection approach to identify DDoS attacks by analyzing the randomness and distribution of network traffic patterns. By calculating the entropy of network features such as source IP addresses, packet sizes, and flow rates, the system can detect abnormal traffic behavior indicative of a DDoS attack. A significant decrease or sudden change in entropy values signals a potential attack, allowing the system to raise alerts promptly. The entropy approach is lightweight, adaptive, and effective in distinguishing between legitimate and malicious traffic, making it suitable for real-time network monitoring. Experimental results demonstrate that the proposed method accurately detects various types of DDoS attacks with minimal false positives, improving the reliability and security of network systems.
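The entropy check described in the abstract can be sketched as follows. This is an added illustration, not the paper's own code: it computes the normalized Shannon entropy of source IP addresses per traffic window and raises an alert when a window deviates from a learned baseline. The window size, warm-up length, threshold `k`, smoothing factor `alpha`, the `min_sigma` floor and the sample addresses (documentation ranges) are all assumptions.

```python
import math
import random
import statistics
from collections import Counter

def shannon_entropy(values):
    """Shannon entropy (bits) of the empirical distribution of `values`."""
    counts = Counter(values)
    total = len(values)
    return -sum((c / total) * math.log2(c / total) for c in counts.values())

def normalized_entropy(values):
    """Entropy divided by log2(distinct values), giving a score in [0, 1]."""
    distinct = len(set(values))
    return shannon_entropy(values) / math.log2(distinct) if distinct > 1 else 0.0

def detect(windows, warmup=5, k=3.0, alpha=0.2, min_sigma=0.02):
    """Return (index, entropy, alert) per window, alerting on deviation from the baseline."""
    history, results, mean, sigma = [], [], 0.0, 0.0
    for i, window in enumerate(windows):
        h = normalized_entropy(window)
        alert = False
        if i < warmup:
            # Learn the baseline from the first windows (assumed attack-free).
            history.append(h)
            mean = statistics.fmean(history)
            sigma = statistics.pstdev(history)
        else:
            # Deviation in either direction beyond k sigma counts as anomalous.
            alert = abs(h - mean) > k * max(sigma, min_sigma)
            if not alert:  # keep attack windows out of the baseline
                sigma = math.sqrt((1 - alpha) * sigma**2 + alpha * (h - mean) ** 2)
                mean = (1 - alpha) * mean + alpha * h
        results.append((i, round(h, 3), alert))
    return results

def build_windows(seed=7):
    """Constructed sample: 12 windows of source IPs; windows 8 and 9 add a flood from 3 sources."""
    rng = random.Random(seed)
    clients = [f"198.51.100.{i}" for i in range(1, 201)]
    bots = [f"203.0.113.{i}" for i in range(1, 4)]
    windows = []
    for i in range(12):
        w = rng.choices(clients, k=500)
        if i in (8, 9):
            w += rng.choices(bots, k=2000)
        windows.append(w)
    return windows

if __name__ == "__main__":
    for row in detect(build_windows()):
        print(row)
```

Excluding alerting windows from the baseline update keeps a sustained flood from gradually being learned as normal traffic.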
License

This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.






