Detecting anomalous traffic in the controlled network based on cross entropy and support vector machine. (1st March 2019)
- Record Type:
- Journal Article
- Title:
- Detecting anomalous traffic in the controlled network based on cross entropy and support vector machine. (1st March 2019)
- Main Title:
- Detecting anomalous traffic in the controlled network based on cross entropy and support vector machine
- Authors:
- Han, Weijie
Xue, Jingfeng
Yan, Hui
- Abstract:
- Network anomaly detection is an effective way for analysing and detecting malicious attacks. However, the typical anomaly detection techniques cannot perform the desired effect in the controlled network just as in the general network. In the circumstance of the controlled network, the detection performance will be lowered due to its special characteristics including the stronger regularity, higher dimensionality and subtler fluctuation of its traffic. On the motivation, the study proposes a novel classifier framework based on cross entropy and support vector machine (SVM). The technique first subtracts the representative traffic characteristics from the network traffic and defines a 7‐tuple feature vector for the controlled network by extending the traditional 5‐tuple representation of the usual network. Then the probability distributions and cross entropies of the 7 tuples are calculated during the defined statistical window so as to generate the 7‐tuple cross‐entropy feature vector for profiling the network traffic fluctuation in the controlled network. Finally, the multi‐class SVM classifier is trained by importing the 7‐tuple cross‐entropy feature vectors. Experimental results show that the proposed classifier can achieve higher detection rates and is more suitable to be used in the controlled network than the typical detection techniques.
- Is Part Of:
- IET information security. Volume 13:Number 2(2019)
- Journal:
- IET information security
- Issue:
- Volume 13:Number 2(2019)
- Issue Display:
- Volume 13, Issue 2 (2019)
- Year:
- 2019
- Volume:
- 13
- Issue:
- 2
- Issue Sort Value:
- 2019-0013-0002-0000
- Page Start:
- 109
- Page End:
- 116
- Publication Date:
- 2019-03-01
- Subjects:
- telecommunication traffic -- pattern classification -- entropy -- probability -- support vector machines -- computer network security
7‐tuple cross‐entropy feature vector -- controlled network -- support vector machine -- network anomaly detection -- network traffic fluctuation -- malicious attacks detection -- anomalous traffic detection -- traffic characteristics -- SVM classifier -- 5‐tuple representation -- probability distributions -- statistical window
Computer security -- Periodicals
Cryptography -- Periodicals
Computer networks -- Security measures -- Periodicals
Database security -- Periodicals
005.8
- Journal URLs:
- https://ietresearch.onlinelibrary.wiley.com/journal/17518717
http://digital-library.theiet.org/content/journals/iet-ifs
http://www.ietdl.org/IET-IFS
http://www.theiet.org/
- DOI:
- 10.1049/iet-ifs.2018.5186
- Languages:
- English
- ISSNs:
- 1751-8709
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms)
- Physical Locations:
- British Library DSC - 4363.252660
British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store
- Ingest File:
- 23035.xml