Multi-Agent DDoS Attack Detection Based on Information Entropy

Distributed Denial of Service (DDoS) attacks generate enormous numbers of packets and can easily exhaust the resources of a network or a host within a short period of time. They pose a very serious threat to the stability of the Internet. This paper analyses the attack rules and attackers’ behaviors in DDoS, and then proposes a DDoS attack detection model based on multiple agents. The model uses an entropy detection algorithm to detect abnormal packets, and deduces details of the attack using a specific DDoS Ontology. The experiment is based on the DARPA 2000 Intrusion Detection Scenario Specific Data Set. The results indicate that this method can effectively detect DDoS attacks.
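The following is an added example of windowed entropy detection in general, not the paper's own algorithm or code. The choice of source and destination IP as the measured fields, the window size, the baseline taken from the first windows, the tolerance, and the sample addresses are all assumptions made for illustration.

```python
import math
from collections import Counter


def entropy(values):
    """Shannon entropy in bits of the empirical distribution of `values`."""
    total = len(values)
    return -sum(c / total * math.log2(c / total) for c in Counter(values).values())


def detect(packets, window=50, baseline_windows=2, tolerance=1.0):
    """Flag fixed-size windows of (src, dst) packets whose entropy is abnormal.

    The first `baseline_windows` windows are assumed to be attack-free and
    give the baseline. A window is flagged when its source-IP or
    destination-IP entropy differs from the baseline mean by more than
    `tolerance` bits (assumed threshold, tune per network).
    """
    wins = [packets[i:i + window]
            for i in range(0, len(packets) - window + 1, window)]
    feats = [(entropy([s for s, _ in w]), entropy([d for _, d in w]))
             for w in wins]
    base = feats[:baseline_windows]
    base_src = sum(f[0] for f in base) / len(base)
    base_dst = sum(f[1] for f in base) / len(base)
    return [abs(hs - base_src) > tolerance or abs(hd - base_dst) > tolerance
            for hs, hd in feats]


def sample_traffic():
    """Constructed sample: two normal windows, one flood window, one normal."""
    clients = [f"10.0.0.{i}" for i in range(1, 6)]
    servers = [f"192.0.2.{i}" for i in range(1, 6)]
    # Normal: 5 clients spread evenly over 5 servers (entropy ~2.32 bits each).
    normal = [(clients[i % 5], servers[(i // 5) % 5]) for i in range(50)]
    # Flood: 50 distinct sources, one destination (source entropy rises,
    # destination entropy collapses to 0).
    flood = [(f"198.51.100.{i}", "192.0.2.1") for i in range(1, 51)]
    return normal + normal + flood + normal


if __name__ == "__main__":
    for idx, flagged in enumerate(detect(sample_traffic())):
        print(f"window {idx}: {'ABNORMAL' if flagged else 'normal'}")
```
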