Title: Entropy-Based Profiling of Network Traffic for Detection of Security Attack
Authors: Lee, Tsern-Huei
He, Jyun-De
Institute of Communications Engineering
Keywords: profiling;entropy;chi-square;anomaly detection
Issue date: 2009
Abstract: Network security has become a major concern in recent years. In this research, we present an entropy-based network traffic profiling scheme for detecting security attacks. The proposed scheme consists of two stages. The purpose of the first stage is to systematically construct the probability distribution of Relative Uncertainty for normal network traffic behavior. In the second stage, we use the Chi-Square Goodness-of-Fit Test, a calculation that measures the level of difference of two probability distributions, to detect abnormal network activities. The probability distribution of the Relative Uncertainty for short-term network behavior is compared with that of the long-term profile constructed in the first stage. We demonstrate the performance of our proposed scheme for DoS attacks with the dataset derived from KDD CUP 1999. Experimental results show that our proposed scheme achieves high accuracy if the features are selected appropriately.
URI: http://hdl.handle.net/11536/14411
ISBN: 978-1-4244-4546-2
ISSN: 0886-1420
Journal: TENCON 2009 - 2009 IEEE REGION 10 CONFERENCE, VOLS 1-4
Start page: 2505
End page: 2509
Appears in collections: Conference Papers