论文信息 - A Research of Approximate Entropy’s Clustering Analysis in the Detection of Abnormal Flow

A Research of Approximate Entropy’s Clustering Analysis in the Detection of Abnormal Flow

How to detect mixed or unknown network attacks is difficult in anomaly detection .Network traffic has an important feature of nonlinear dynamics, The paper proposes a new method to detect abnormal traffic by approximate entropy, one of the important dynamics parameters, the relevant parameters are tested and compared in experiments. Finally,sequence of approximate entropy generated are processed by cluster analysis to improve accuracy, the results show that the method could identify traffic with mixed or unknown attacks well. Furtherlly improvements of the method are made a discussion.

Jun Li | Yan Niu | Jun Li

[1] S. Pincus. Approximate entropy (ApEn) as a complexity measure. , 1995, Chaos.

[2] J. Richman,et al. Physiological time-series analysis using approximate entropy and sample entropy. , 2000, American journal of physiology. Heart and circulatory physiology.

[3] William Stallings,et al. High-Speed Networks and Internets: Performance and Quality of Service , 2002 .

[4] Fang Binxing. An exploratory development on the Hurst parameter variety of network traffic abnormity signal , 2005 .

[5] S M Pincus,et al. Approximate entropy as a measure of system complexity. , 1991, Proceedings of the National Academy of Sciences of the United States of America.

[6] Richard Lippmann,et al. The 1999 DARPA off-line intrusion detection evaluation , 2000, Comput. Networks.