Different systems have been continuously developed to ensure the integrity, availability, and confidentiality of networks. An important approach is the anomaly-based network intrusion detection system (A-NIDS). In this paper, we provide a structured and comprehensive overview of the research on entropy-based A-NIDS, with the intention of giving researchers a quick introduction to the essential aspects of this topic. To this end, a general architecture of entropy-based A-NIDS is described and its main components are discussed. We also highlight some open issues in entropy-based network traffic anomaly detection.
On Entropy in Network Traffic Anomaly Detection
Published: 13 November 2015 by MDPI in 2nd International Electronic Conference on Entropy and Its Applications session Information Theory
Keywords: Network traffic anomaly detection; entropy; generalized entropies; network security; A-NIDS; mutual information; KL divergence; conditional entropy