
Research on the Network Traffic Information Structure Feature Based on Entropy

YAN Cheng-hua, CHENG Jin, FAN Pan-xing

  • Funding:
    All-Army Military Science Graduate Research Project (2011JY00235)

  • About author: Department of Information Security, Naval University of Engineering, Wuhan, Hubei 430033

Abstract: As research on network traffic features has deepened, network anomaly detection techniques have continued to develop; traffic feature analysis is therefore fundamental groundwork for network anomaly detection. This paper studies entropy-based information structure features of traffic. Unlike existing research on the primary statistical features of network traffic, it takes as its object the distribution, per unit time, of attributes extracted from the traffic. Experiments on the DARPA 99 dataset show that this method is more sensitive than anomaly representations based on the primary statistical features of traffic.