You can view the full text of this article for free using the link below.

Title: A novel traceback model for DDoS attacks using modified Floyd-Warshall algorithm

Authors: Sherif F. Emara; Sayed Abdelhady; M. Zaki

Addresses: Computer and Systems Engineering Department, Al-Azhar University, Cairo, Egypt ' Computer and Systems Engineering Department, Al-Azhar University, Cairo, Egypt ' Computer and Systems Engineering Department, Al-Azhar University, Cairo, Egypt

Abstract: Distributed denial of service, DDoS, attacks are drastically increasing, therefore, they cause serious threats for information networks. This paper proposes, for the first time, the use of a graph theoretic approach to exploit the entropy techniques for detecting and tracing back DDoS attackers. It presents a novel approach to traceback DDoS attacks using modified Floyd-Warshall algorithm, TDA/MFWA. Such model starts by feeding the network adjacency matrix in which the link weights are changed to comply with the network traffic entropy, accordingly the reachability from node to node can be examined. Then we borrowed the idea of enumerating all the intermediate points between every pair of network nodes from Floyd-Warshall algorithm and modified it to find out the victim node(s). The fact that entropy at network nodes is systematically accounted using a modified Floyd-Warshall algorithm contributes to the smartness and dependability of TDA/MFWA.

Keywords: packet logging; packet marking; entropy variation; modified Floyd-Warshall algorithm; traceback; DoS/DDoS attack; adjacency matrix; reachability; zombie traffic; link weights.

DOI: 10.1504/IJICS.2023.128003

International Journal of Information and Computer Security, 2023 Vol.20 No.1/2, pp.84 - 103

Received: 06 Dec 2020
Accepted: 14 Dec 2020

Published online: 04 Jan 2023 *

Full-text access for editors Full-text access for subscribers Free access Comment on this article