A New Approach for Detecting SMTPFA Based on Entropy Measurement

Part 9: ATIMCNInternational audienceIn this paper, we propose a new approach of detecting a kind of Simple Mail Transfer Protocol Flooding Attack (SMTPFA for short) based on entropy measurement. We will calculate the entropy values from the received packets flow. Further checking its entropy value compared with the values of abnormal entropy, we then use it to detect this server whether is suffered some attacks from hacker. The scheme can easily detect SMTPFA, and monitor the real-time status of SMTP server