An efficient entropy-based network anomaly detection method using MIB

With the increasingly widespread application of computer network, it has become a critical task to detect anomalous behaviors in the field of network security. In this paper we develop an entropy-based statistical approach that determines and reports entropy contents for variables in the Management...

Celý popis

Uložené v:
Podrobná bibliografia
Vydané v:2014 IEEE International Conference on Progress in Informatics and Computing s. 428 - 432
Hlavní autori: Lei Zhao, Fu Wang
Médium: Konferenčný príspevok..
Jazyk:English
Vydavateľské údaje: IEEE 01.05.2014
Predmet:
anomaly detection
Educational institutions
Entropy
IP networks
management information base
Principal component analysis
Security
Servers
ISBN:9781479920334, 1479920339
On-line prístup:Získať plný text
Tagy: Pridať tag
Žiadne tagy, Buďte prvý, kto otaguje tento záznam!
Popis
Shrnutí:With the increasingly widespread application of computer network, it has become a critical task to detect anomalous behaviors in the field of network security. In this paper we develop an entropy-based statistical approach that determines and reports entropy contents for variables in the Management Information Base. The change of the entropy value indicates that a massive network event or an anomaly may occur. We give the analysis on a real data set provided by a large-size network company. Both our theoretical analysis and experimental results demonstrate that the method is effective and efficient for network anomaly detection.
ISBN:9781479920334
1479920339
DOI:10.1109/PIC.2014.6972371