Skip to main content

Table 1 Notations used in the methodology for various notations used in the proposed approach and description

From: Detection of spoofed and non-spoofed DDoS attacks and discriminating them from flash crowds

Notation Description
H(Sc_IP) Source entropy
Sc_IP Source IP
p(Sc_IPi) Probability of source imp
X i Number of packets received for Sc_IPi
H(t_ID) Traffic entropy
p(t_ID) Probability of traffic
Y i Number of packets received for (t_ID)
u,v Tolerance factors
(Hc(Sc_IP)) Current source entropy
Hc(tID) Current traffic entropy
HN(Sc_IP) Initial source entropy
HN(t_ID) Initial traffic entropy
HN(Sc_IP) + u*σSc_IP)) Upper threshold source entropy
(HN(Sc_IP)−uσtc_ID)) Lower threshold source entropy
HN(tID) − vσt_ID)) Lower threshold traffic entropy
HN(tID) + vσt_ID)) Upper threshold traffic entropy
σSc_IP Standard deviation of source
σt_ID Standard deviation of traffic