Title :
Network anomaly detection using nonextensive entropy
Author :
Ziviani, Artur ; Gomes, Antônio Tadeu A ; Monsores, Marcelo L. ; Rodrigues, Paulo S S
Author_Institution :
Nat. Lab. for Sci. Comput., Petropolis
Date :
12/1/2007 12:00:00 AM
Abstract :
Detection is a crucial step towards efficiently diagnosing network traffic anomalies within an autonomous system (AS). We propose the adoption of nonextensive entropy - a one-parameter generalization of Shannon entropy - to detect anomalies in network traffic within an AS. Experimental results show that our approach based on nonextensive entropy outperforms previous ones based on classical entropy while providing enhanced flexibility, which is enabled by the possibility of fine-tuning the sensitivity of the detection mechanism.
Keywords :
computer networks; entropy; telecommunication security; telecommunication traffic; Shannon entropy; autonomous system; network anomaly detection; network traffic; nonextensive entropy; Airports; Computer crime; Computer networks; Detectors; Distributed computing; Entropy; Probability distribution; Proposals; Routing protocols; Telecommunication traffic
Journal_Title :
Communications Letters, IEEE
DOI :
10.1109/LCOMM.2007.070761