Journal Article Details
Entropy
An Entropy-Based Network Anomaly Detection Method
Przemysław Bereziński1  Bartosz Jasiul1  Marcin Szpyrka2  James Park3
[1] C4I Systems’ Department, Military Communication Institute, ul. Warszawska 22a, 05-130 Zegrze, Poland; Department of Applied Computer Science, AGH University of Science and Technology, al. Mickiewicza 30, 30-059 Krakow, Poland; C4I Systems’ Department, Military Communication Institute, ul. Warszawska 22a, 05-130 Zegrze, Poland
Keywords: anomaly detection; entropy; malware detection
DOI: 10.3390/e17042367
Source: MDPI
【 Abstract 】

Data mining is an interdisciplinary subfield of computer science involving methods at the intersection of artificial intelligence, machine learning and statistics. One of the data mining tasks is anomaly detection, which is the analysis of large quantities of data to identify items, events or observations that do not conform to an expected pattern. Anomaly detection is applicable in a variety of domains, e.g., fraud detection, fault detection and system health monitoring, but this article focuses on the application of anomaly detection in the field of network intrusion detection. The main goal of the article is to prove that an entropy-based approach is suitable for detecting modern botnet-like malware based on anomalous patterns in the network. This aim is achieved by realization of the following points: (i) preparation of a concept of an original entropy-based network anomaly detection method, (ii) implementation of the method, (iii) preparation of an original dataset, (iv) evaluation of the method.

【 License 】

CC BY   
© 2015 by the authors; licensee MDPI, Basel, Switzerland
