An Approach for Detecting Flooding Attack Based on Integrated Entropy Measurement in E-Mail Server

  • Hsing-Chung Chen
  • Shian-Shyong Tseng
  • Chuan-Hsien Mao
  • Chao-Ching Lee
  • Rendabel Churniawan
Conference paper
Part of the Lecture Notes in Electrical Engineering book series (LNEE, volume 260)

Abstract

The aim of this study is to protect an electronic mail (email) server system by detecting flooding attacks with an integrated entropy calculation. Many researchers have proposed approaches for deciding whether packets accessing an email server are normal or abnormal. Entropy is a concept from the mathematical theory of communication; it can be used to measure the uncertainty or randomness of a random variable. A normal email server usually supports four protocols: Simple Mail Transfer Protocol (SMTP), Post Office Protocol version 3 (POP3), Internet Message Access Protocol version 4 (IMAP4), and HTTPS, which is used by remote web-based email. However, many flooding attacks on the Internet try to paralyze email server systems. Therefore, we propose a new approach for detecting flooding attacks based on Integrated Entropy Measurement in an email server. Our approach can reduce the misjudgment rate compared to conventional approaches.

Keywords

Entropy, Flooding attack, Email server

Notes

Acknowledgments

This work was supported in part by Asia University, Taiwan, under Grant 101-asia-28, and by the National Science Council, Taiwan, Republic of China, under Grant NSC99-2221-E-468-011.

Copyright information

© Springer Science+Business Media Dordrecht 2014

Authors and Affiliations

  • Hsing-Chung Chen (1)
  • Shian-Shyong Tseng (1)
  • Chuan-Hsien Mao (1)
  • Chao-Ching Lee (1)
  • Rendabel Churniawan (1)

  1. Department of Computer Science and Information Engineering, Asia University, Taichung, Taiwan, Republic of China
