Entropy Based Method for Network Anomaly Detection

被引:8
|
作者
Quan, Qian [1 ]
Hong-Yi, Che [1 ]
Rui, Zhang [1 ]
机构
[1] Shanghai Univ, Sch Engn & Comp Sci, Shanghai, Peoples R China
来源
IEEE 15TH PACIFIC RIM INTERNATIONAL SYMPOSIUM ON DEPENDABLE COMPUTING, PROCEEDINGS | 2009年
关键词
Network entropy; Normalized relative network entropy; Network intrusion detection;
D O I
10.1109/PRDC.2009.38
中图分类号
TP31 [计算机软件];
学科分类号
081202 ; 0835 ;
摘要
Entropy based intrusion detection which recognizes the network behavior only depends on the packets themselves and do not need any security background knowledge or user interventions, shows great appealing in network security areas. In this paper, we compare two entropy methods, network entropy and normalized relative network entropy(NRNE), to classify different network behaviors. The experimental results show although the two methods are efficient, the improved relative network entropy, NRNE is better which takes more attributes into consideration simultaneously and we can get an overall view of the abnormal network behavior.
引用
收藏
页码:189 / 191
页数:3
相关论文
共 50 条
  • [11] Machine Learning Enhanced Entropy-Based Network Anomaly Detection
    Timcenko, Valentina
    Gajin, Slavko
    ADVANCES IN ELECTRICAL AND COMPUTER ENGINEERING, 2021, 21 (04) : 51 - 60
  • [12] Anomaly Detection for User Behavior in Wireless Network Based on Cross Entropy
    Zhang, Chunxiao
    Hu, Yihong
    Zhu, Xinning
    Guo, Zhigang
    Huang, Junfei
    IEEE 12TH INT CONF UBIQUITOUS INTELLIGENCE & COMP/IEEE 12TH INT CONF ADV & TRUSTED COMP/IEEE 15TH INT CONF SCALABLE COMP & COMMUN/IEEE INT CONF CLOUD & BIG DATA COMP/IEEE INT CONF INTERNET PEOPLE AND ASSOCIATED SYMPOSIA/WORKSHOPS, 2015, : 1258 - 1263
  • [13] Network anomaly detection using nonextensive entropy
    Ziviani, Artur
    Gomes, Antonio Tadeu A.
    Monsores, Marcelo L.
    Rodrigues, Paulo S. S.
    IEEE COMMUNICATIONS LETTERS, 2007, 11 (12) : 1034 - 1036
  • [14] Network Anomaly Detection Using Parameterized Entropy
    Berezinski, Przemyslaw
    Szpyrka, Marcin
    Jasiul, Bartosz
    Mazur, Michal
    COMPUTER INFORMATION SYSTEMS AND INDUSTRIAL MANAGEMENT, CISIM 2014, 2014, 8838 : 465 - 478
  • [15] Network Anomaly Detection Method Based on Residual Analysis
    Meng Y.
    Qin T.
    Zhao L.
    Ma W.
    Wang H.
    Hsi-An Chiao Tung Ta Hsueh/Journal of Xi'an Jiaotong University, 2020, 54 (01): : 42 - 48and84
  • [16] A Network Anomaly Detection Method Based on Genetic Algorithm
    Su, Qinggang
    Liu, Jingao
    2017 4TH INTERNATIONAL CONFERENCE ON SYSTEMS AND INFORMATICS (ICSAI), 2017, : 1029 - 1033
  • [17] Network traffic anomaly detection method based on chaotic neural network
    Sheng, Shaojun
    Wang, Xin
    ALEXANDRIA ENGINEERING JOURNAL, 2023, 77 : 567 - 579
  • [18] CUSUM-based and Entropy-based Network Anomaly Detection: an Experimental Comparison
    Callegari, Christian
    Pagano, Michele
    Giordano, Stefano
    Berizzi, Fabrizio
    PROCEEDINGS OF THE 2017 8TH INTERNATIONAL CONFERENCE ON THE NETWORK OF THE FUTURE (NOF), 2017, : 132 - 134
  • [19] A weakly supervised anomaly detection method based on deep anomaly scoring network
    Xie, Xin
    Li, Zixi
    Huang, Yuhui
    Wu, Dengquan
    SIGNAL IMAGE AND VIDEO PROCESSING, 2023, 17 (08) : 3903 - 3911
  • [20] A weakly supervised anomaly detection method based on deep anomaly scoring network
    Xin Xie
    Zixi Li
    Yuhui Huang
    Dengquan Wu
    Signal, Image and Video Processing, 2023, 17 : 3903 - 3911
12345