標題: | Entropy-Based Profiling of Network Traffic for Detection of Security Attack |
作者: | Lee, Tsern-Huei He, Jyun-De 電信工程研究所 Institute of Communications Engineering |
關鍵字: | profiling;entropy;chi-square;anomaly detection |
公開日期: | 2009 |
摘要: | Network security has become a major concern in recent years. In this research, we present an entropy-based network traffic profiling scheme for detecting security attacks. The proposed scheme consists of two stages. The purpose of the first stage is to systematically construct the probability distribution of Relative Uncertainty for normal network traffic behavior. In the second stage, we use the Chi-Square Goodness-of-Fit Test, a calculation that measures the level of difference of two probability distributions, to detect abnormal network activities. The probability distribution of the Relative Uncertainty for short-term network behavior is compared with that of the long-term profile constructed in the first stage. We demonstrate the performance of our proposed scheme for DoS attacks with the dataset derived from KDD CUP 1999. Experimental results show that our proposed scheme achieves high accuracy if the features are selected appropriately. |
URI: | http://hdl.handle.net/11536/14411 |
ISBN: | 978-1-4244-4546-2 |
ISSN: | 0886-1420 |
期刊: | TENCON 2009 - 2009 IEEE REGION 10 CONFERENCE, VOLS 1-4 |
起始頁: | 2505 |
結束頁: | 2509 |
Appears in Collections: | Conferences Paper |