@inproceedings{f76f00fb41a747239cb8f0f571f8d002,
title = "An entropy-based countermeasure against intelligent dos attacks targeting firewalls",
abstract = "Denial of Service (DoS) attacks are very dangerous as they consume resources at the network and transport layers. Firewalls are considered as the first line of defense in any network. An attacker may use probing to learn a firewall's policy, and then launch a DoS attack that floods the firewall with traffic targeting the rules at the bottom of this policy. In this paper, we propose a countermeasure that enables the firewall to endure the attack attempts without denying service to legitimate clients. The goal of this work is to use an entropy-based scheme to distinguish between the legitimate and attack traffic. Then, the legitimate traffic will be placed in a queue with a higher priority than the queue holding the attack traffic. The results show that the proposed scheme improves on the performance of the firewall under a DoS attack.",
keywords = "Countermeasures, Dos attacks, Entropy, intrusion detection, Firewalls",
author = "F. Al-Haidari and M. Sqalli and K. Salah and J. Hamodi",
year = "2009",
doi = "10.1109/POLICY.2009.14",
language = "British English",
isbn = "9780769537429",
series = "Proceedings - 2009 IEEE International Symposium on Policies for Distributed Systems and Networks, POLICY 2009",
pages = "41--44",
booktitle = "Proceedings - 2009 IEEE International Symposium on Policies for Distributed Systems and Networks, POLICY 2009",
note = "2009 IEEE International Symposium on Policies for Distributed Systems and Networks, POLICY 2009 ; Conference date: 20-07-2009 Through 22-07-2009",
}