A New Approach for Detecting SMTPFA Based on Entropy Measurement

Abstract : In this paper, we propose a new approach of detecting a kind of Simple Mail Transfer Protocol Flooding Attack (SMTPFA for short) based on entropy measurement. We will calculate the entropy values from the received packets flow. Further checking its entropy value compared with the values of abnormal entropy, we then use it to detect this server whether is suffered some attacks from hacker. The scheme can easily detect SMTPFA, and monitor the real-time status of SMTP server.
Document type :
Conference papers
Complete list of metadatas

Cited literature [7 references]  Display  Hide  Download

https://hal.inria.fr/hal-01551369
Contributor : Hal Ifip <>
Submitted on : Friday, June 30, 2017 - 10:36:16 AM
Last modification on : Friday, December 1, 2017 - 1:09:55 AM
Long-term archiving on : Monday, January 22, 2018 - 9:56:24 PM

File

978-3-642-35606-3_41_Chapter.p...
Files produced by the author(s)

Licence


Distributed under a Creative Commons Attribution 4.0 International License

Identifiers

Citation

Hsing-Chung Chen, Jai-Zong Sun, Shian-Shyong Tseng, Chien-Erh Weng. A New Approach for Detecting SMTPFA Based on Entropy Measurement. 9th International Conference on Network and Parallel Computing (NPC), Sep 2012, Gwangju, South Korea. pp.349-359, ⟨10.1007/978-3-642-35606-3_41⟩. ⟨hal-01551369⟩

Share

Metrics

Record views

76

Files downloads

95