Abnormal network traffic detection approach based on alive entropy
A novel alive entropy-based detection approach was proposed,which detects the abnormal network traffic based on the values of alive entropies.The alive entropies calculated based on the NetFlow data coming from the network traffic of input and output of a whole system,which is essentially a monitore...
Saved in:
| Main Authors: | , , , |
|---|---|
| Format: | Article |
| Language: | zho |
| Published: |
Editorial Department of Journal on Communications
2013-09-01
|
| Series: | Tongxin xuebao |
| Subjects: | |
| Online Access: | http://www.joconline.com.cn/zh/article/doi/10.3969/j.issn.1000-436x.2013.Z2.011/ |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1841539756465324032 |
|---|---|
| author | Xiang-kun MU Jin-song WANG Yu-feng XUE Wei HUANG |
| author_facet | Xiang-kun MU Jin-song WANG Yu-feng XUE Wei HUANG |
| author_sort | Xiang-kun MU |
| collection | DOAJ |
| description | A novel alive entropy-based detection approach was proposed,which detects the abnormal network traffic based on the values of alive entropies.The alive entropies calculated based on the NetFlow data coming from the network traffic of input and output of a whole system,which is essentially a monitored network.In order to decrease false positive rate of abnormal network traffic,different scales are selected to compute the values of alive entropies in different sizes of network traffic.With the low false positive rate of abnormal network traffic,the abnormal network traffic can be effectively detected.Experiments carried out on a real campus network were used to evaluate the effectiveness of the proposed approach.A comparative study illustrates that the proposed approach may easily detect the abnormal network traffic with random characteristics in comparison with some “conventional” approaches reported in the literatures. |
| format | Article |
| id | doaj-art-a793cea3f099455291b935665d0c63d4 |
| institution | Kabale University |
| issn | 1000-436X |
| language | zho |
| publishDate | 2013-09-01 |
| publisher | Editorial Department of Journal on Communications |
| record_format | Article |
| series | Tongxin xuebao |
| spelling | doaj-art-a793cea3f099455291b935665d0c63d42025-01-14T06:42:11ZzhoEditorial Department of Journal on CommunicationsTongxin xuebao1000-436X2013-09-0134515759677957Abnormal network traffic detection approach based on alive entropyXiang-kun MUJin-song WANGYu-feng XUEWei HUANGA novel alive entropy-based detection approach was proposed,which detects the abnormal network traffic based on the values of alive entropies.The alive entropies calculated based on the NetFlow data coming from the network traffic of input and output of a whole system,which is essentially a monitored network.In order to decrease false positive rate of abnormal network traffic,different scales are selected to compute the values of alive entropies in different sizes of network traffic.With the low false positive rate of abnormal network traffic,the abnormal network traffic can be effectively detected.Experiments carried out on a real campus network were used to evaluate the effectiveness of the proposed approach.A comparative study illustrates that the proposed approach may easily detect the abnormal network traffic with random characteristics in comparison with some “conventional” approaches reported in the literatures.http://www.joconline.com.cn/zh/article/doi/10.3969/j.issn.1000-436x.2013.Z2.011/alive entropynetwork trafficabnormal traffic detectionNetFlow analysis |
| spellingShingle | Xiang-kun MU Jin-song WANG Yu-feng XUE Wei HUANG Abnormal network traffic detection approach based on alive entropy Tongxin xuebao alive entropy network traffic abnormal traffic detection NetFlow analysis |
| title | Abnormal network traffic detection approach based on alive entropy |
| title_full | Abnormal network traffic detection approach based on alive entropy |
| title_fullStr | Abnormal network traffic detection approach based on alive entropy |
| title_full_unstemmed | Abnormal network traffic detection approach based on alive entropy |
| title_short | Abnormal network traffic detection approach based on alive entropy |
| title_sort | abnormal network traffic detection approach based on alive entropy |
| topic | alive entropy network traffic abnormal traffic detection NetFlow analysis |
| url | http://www.joconline.com.cn/zh/article/doi/10.3969/j.issn.1000-436x.2013.Z2.011/ |
| work_keys_str_mv | AT xiangkunmu abnormalnetworktrafficdetectionapproachbasedonaliveentropy AT jinsongwang abnormalnetworktrafficdetectionapproachbasedonaliveentropy AT yufengxue abnormalnetworktrafficdetectionapproachbasedonaliveentropy AT weihuang abnormalnetworktrafficdetectionapproachbasedonaliveentropy |