  • DocumentCode
    170510
  • Title
    An efficient entropy-based network anomaly detection method using MIB
  • Author
    Lei Zhao ; Fu Wang
  • Author_Institution
    Sch. of Electron. Inf., Shanghai Dianji Univ., Shanghai, China
  • fYear
    2014
  • fDate
    16-18 May 2014
  • Firstpage
    428
  • Lastpage
    432
  • Abstract
    With the increasingly widespread application of computer network, it has become a critical task to detect anomalous behaviors in the field of network security. In this paper we develop an entropy-based statistical approach that determines and reports entropy contents for variables in the Management Information Base. The change of the entropy value indicates that a massive network event or an anomaly may occur. We give the analysis on a real data set provided by a large-size network company. Both our theoretical analysis and experimental results demonstrate that the method is effective and efficient for network anomaly detection.
  • Keywords
    computer network security; entropy; statistical analysis; MIB; computer network security; entropy contents; entropy value; entropy-based statistical approach; large-size network company; management information base; massive network event; network anomaly detection; Educational institutions; Entropy; IP networks; Principal component analysis; Security; Servers; anomaly detection; entropy; management information base;
  • fLanguage
    English
  • Publisher
    IEEE
  • Conference_Titel
    Progress in Informatics and Computing (PIC), 2014 International Conference on
  • Conference_Location
    Shanghai
  • Print_ISBN
    978-1-4799-2033-4
  • Type
    conf
  • DOI
    10.1109/PIC.2014.6972371
  • Filename
    6972371