%0 Journal Article
%T Entropy-based anomaly detection method for education network
基于信息熵理论的教育网异常流量发现*
%A CHEN Si-qi
%A WANG Juan
%A
陈锶奇
%A 王娟
%J 计算机应用研究
%D 2010
%I
%X To solve the problems of low efficiency and weak detecting ability in limited anomaly types of traditional network traffic detection method, this paper gave a new method that used seven indices to mine the netflow data from routers on the backstone network with applying the slipping window-based algorithm for detecting the bursts of the entropy stream in order to discover anomalies. In the meantime, presented correlativity of these entropy indices, according to it, sorted these entropy indices into four classes which had the extremely similary detection range. The experiment results illustrate that compared to the traditional traffic, this new method is more useful and accurate.
%K information entropy
%K the slipping window-based algorithm for detecting the bursts of the entropy stream
%K netflow
%K anomaly detection
%K correlativity analysis
信息熵
%K 基于移动窗口的熵流突发检测算法
%K netflow
%K 网络异常发现
%K 相关度分析
%U http://www.alljournals.cn/get_abstract_url.aspx?pcid=5B3AB970F71A803DEACDC0559115BFCF0A068CD97DD29835&cid=8240383F08CE46C8B05036380D75B607&jid=A9D9BE08CDC44144BE8B5685705D3AED&aid=924C045DC8FF92B23EA2D339398D888E&yid=140ECF96957D60B2&vid=DB817633AA4F79B9&iid=E158A972A605785F&sid=8EAB8D766913D934&eid=D13C8858CB852BDA&journal_id=1001-3695&journal_name=计算机应用研究&referenced_num=0&reference_num=10