Title :
Entropy Based Method for Network Anomaly Detection
Author :
Quan, Qian ; Hong-Yi, Che ; Rui, Zhang
Author_Institution :
Sch. of Comput. Eng. & Sci., Shanghai Univ., Shanghai, China
Abstract :
Entropy-based intrusion detection, which recognizes network behavior depending only on the packets themselves and needs no security background knowledge or user intervention, is very appealing in the network security area. In this paper, we compare two entropy methods, network entropy and normalized relative network entropy (NRNE), to classify different network behaviors. The experimental results show that although the two methods are both efficient, the improved relative network entropy, NRNE, is better: it takes more attributes into consideration simultaneously, and we can get an overall view of the abnormal network behavior.
Keywords :
security of data; abnormal network behavior; entropy based intrusion detection; network anomaly detection; network behavior recognition; network security; normalized relative network entropy; security background knowledge; Computer networks; Computer security; Electronic mail; Entropy; Intrusion detection; Knowledge engineering; Pattern recognition; Probability distribution; Protocols; TCPIP; Network entropy; Network intrusion detection; Normalized relative network entropy;
Conference_Title :
Dependable Computing, 2009. PRDC '09. 15th IEEE Pacific Rim International Symposium on
Conference_Location :
Shanghai
Print_ISBN :
978-0-7695-3849-5
DOI :
10.1109/PRDC.2009.38