Techreport,

Detecting Distributed Denial-of-Service Attacks using Kolmogorov Complexity Metrics

, , and .
2001CRD176. GE Global Research Center (December 2001)

Abstract

This paper describes an approach to detecting distributed denial of service (DDoS) attacks that is based on fundamentals of information theory, specifically Kolmogorov complexity. The algorithm is based on a concept of Kolmogorov complexity that states that the joint complexity measure of random strings is lower than the sum of the complexities of the individual strings if the strings exhibit some correlation. Furthermore, the joint complexity measure varies inversely with the amount of correlation. The proposed algorithm exploits this feature to correlate traffic flows in the network and detect possible denial-of-service attacks. One of the strengths of this algorithm is that it does not require special filtering rules and hence it can be used to detect any type of DDoS attack. This algorithm is shown to perform better than simple packet-counting or load-measuring approaches.
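The correlation property the abstract relies on can be seen with a computable stand-in for Kolmogorov complexity. The following is an added example, not code from the report: it assumes zlib-compressed length as the complexity estimate, uses constructed flows (a shared prefix plus random bytes), and the names `joint_ratio`, `make_flows`, `looks_correlated` and the 0.7 threshold are hypothetical.

```python
import random
import zlib

def complexity(data):
    """Computable stand-in for K(data): zlib-compressed length (assumption)."""
    return len(zlib.compress(data, 9))

def joint_ratio(flows):
    """K(x1 x2 ... xn) / (K(x1) + ... + K(xn)); near 1.0 when flows are unrelated."""
    joint = complexity(b"".join(flows))
    return joint / sum(complexity(f) for f in flows)

def make_flows(seed, n_flows=8, size=1024, shared_fraction=0.0):
    """Constructed sample flows: a common prefix plus flow-private random bytes."""
    rng = random.Random(seed)

    def rand(n):
        return bytes(rng.getrandbits(8) for _ in range(n))

    shared = rand(int(size * shared_fraction))
    return [shared + rand(size - len(shared)) for _ in range(n_flows)]

def looks_correlated(flows, threshold=0.7):
    """Flag a sample whose joint complexity is well below the sum (hypothetical threshold)."""
    return joint_ratio(flows) < threshold

if __name__ == "__main__":
    # The ratio drops as the flows share more content, regardless of what that content is.
    for frac in (0.0, 0.4, 0.8):
        flows = make_flows(seed=1, shared_fraction=frac)
        print(f"shared={frac:.1f} ratio={joint_ratio(flows):.2f} "
              f"flagged={looks_correlated(flows)}")
```

The sample must fit inside the compressor's window (32 KB for zlib), otherwise repeated content in later flows is no longer matched against earlier ones and the ratio drifts back toward 1.0.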
