5 novembre 2014
Ce document est lié à :
info:eu-repo/semantics/altIdentifier/doi/10.1007/978-3-662-45237-0_43
http://creativecommons.org/licenses/by/ , info:eu-repo/semantics/OpenAccess
Przemysław Bereziński et al., « Network Anomaly Detection Using Parameterized Entropy », HAL-SHS : sciences de l'information, de la communication et des bibliothèques, ID : 10.1007/978-3-662-45237-0_43
Entropy-based anomaly detection has recently been extensively studied in order to overcome weaknesses of traditional volume and rule based approaches to network flows analysis. From many entropy measures only Shannon, Titchener and parameterized Renyi and Tsallis entropies have been applied to network anomaly detection. In the paper, our method based on parameterized entropy and supervised learning is presented. With this method we are able to detect a broad spectrum of anomalies with low false positive rate. In addition, we provide information revealing the anomaly type. The experimental results suggest that our method performs better than Shannon-based and volume-based approach.