Network Anomaly Detection Using Random Forests and Entropy of Traffic Features

Cited by: 13
Authors
Yao, Dong [1]
Yin, Meijuan [1]
Luo, Junyong [1]
Zhang, Silong [1]
Affiliations
[1] Zhengzhou Informat Sci & Technol Inst, Zhengzhou 450002, Henan, Peoples R China
Keywords
anomaly detection; entropy; Random Forests
DOI
10.1109/MINES.2012.146
Chinese Library Classification number
TP301 [Theory, methods]
Discipline classification code
081202
Abstract
Tracking changes in traffic feature distributions and using them to classify traffic with different behavior is very important in the domain of network anomaly detection. Shannon entropy can be used to find changes in the normal distribution of network traffic to identify anomalies. Standardized entropy provides a measure of uniformity and randomness on the same baseline for vectors or variables in different sample spaces. Random Forests is a machine learning classification algorithm. It is best suited for the analysis of complex or distribution-imbalanced data structures embedded in small to moderate data sets. Anomalous traffic always occupies a small proportion of the whole network traffic. So we employed a combination of entropy measure and Random Forests classification to detect anomalies in network traffic. Our results demonstrate that the new technique shows great promise in traffic anomaly detection.
Pages: 926-929
Number of pages: 4
Related papers
50 in total
  • [21] Smart Grid Communication Network Traffic Anomaly Detection Based on Entropy Analysis
    Ruo, Xuesong
    Lv, Chao
    Pei, Pei
    Gao, Minghui
    Wang, Liming
    2016 2ND IEEE INTERNATIONAL CONFERENCE ON COMPUTER AND COMMUNICATIONS (ICCC), 2016, : 1082 - 1086
  • [22] Entropy Change Rate for Traffic Anomaly Detection
    Li, Xiaowei
    Wang, Changda
    Tang, An
    2021 IEEE 18TH INTERNATIONAL CONFERENCE ON MOBILE AD HOC AND SMART SYSTEMS (MASS 2021), 2021, : 570 - 571
  • [23] Unsupervised anomaly detection for network traffic using artificial immune network
    Yuanquan Shi
    Hong Shen
    Neural Computing and Applications, 2022, 34 : 13007 - 13027
  • [24] Unsupervised anomaly detection for network traffic using artificial immune network
    Shi, Yuanquan
    Shen, Hong
    NEURAL COMPUTING & APPLICATIONS, 2022, 34 (15): : 13007 - 13027
  • [25] Real-Time Anomaly Detection in Network Traffic Using Graph Neural Networks and Random Forest
    Hassan, Waseem
    Hosseini, Seyed Ebrahim
    Pervez, Shahbaz
    INTERNET OF THINGS, SMART SPACES, AND NEXT GENERATION NETWORKS AND SYSTEMS, PT I, NEW2AN 2023, RUSMART 2023, 2024, 14542 : 194 - 207
  • [26] Network traffic anomaly detection algorithm using mahout classifier
    Peng, Hua
    Liu, Liang
    Liu, Jiayong
    Lewis, Johnwb R.
    JOURNAL OF INTELLIGENT & FUZZY SYSTEMS, 2019, 37 (01) : 137 - 144
  • [27] Anomaly detection in network traffic using extreme learning machine
    Imamverdiyev, Yadigar
    Sukhostat, Lyudmila
    2016 IEEE 10TH INTERNATIONAL CONFERENCE ON APPLICATION OF INFORMATION AND COMMUNICATION TECHNOLOGIES (AICT), 2016, : 418 - 421
  • [28] Network Traffic Anomaly Detection using Machine Learning Approaches
    Limthong, Kriangkrai
    Tawsook, Thidarat
    2012 IEEE NETWORK OPERATIONS AND MANAGEMENT SYMPOSIUM (NOMS), 2012, : 542 - 545
  • [29] Phishing Detection Using Traffic Behavior, Spectral Clustering, and Random Forests
    DeBarr, Dave
    Ramanathan, Venkatesh
    Wechsler, Harry
    2013 IEEE INTERNATIONAL CONFERENCE ON INTELLIGENCE AND SECURITY INFORMATICS: BIG DATA, EMERGENT THREATS, AND DECISION-MAKING IN SECURITY INFORMATICS, 2013, : 67 - 72
  • [30] Anomaly detection in symmetric network traffic
    Yu, Ming
    Zhou, Xi-Yuan
    WSEAS Transactions on Information Science and Applications, 2007, 4 (09): : 1360 - 1364