Common Ground Books
Common Ground Open
The Arts in Society
Information, Medium & Society
Climate Change: Impacts and Responses
Diversity in Organizations, Communities & Nations
Global Studies
Spaces & Flows
Design Principles & Practices
New Directions in the Humanities
Interdisciplinary Social Sciences
Aging & Social Change
Tourism and Leisure Studies
The Learner
Organization Studies
Religion in Society
Food Studies
Communication and Media Studies
e-Learning and Innovative Pedagogies
Sport & Society
On Sustainability
Technology, Knowledge & Society
World Universities Forum
The Constructed Environment
Health, Wellness & Society
The Image
Science in Society
The Inclusive Museum
Spatial and Temporal Characterization of Network Traffic for ...
Views: 454
- Title: Spatial and Temporal Characterization of Network Traffic for Intrusion Detection Based on Information Theory
- Author(s): Pablo Velarde Alvarado, Rafael Martinez Pelaez, Luis J. Mena-Camaré, Alberto M. Ochoa Brust, Efrain Moreno Garcia, Jose De Jesus Ceballos Mejia, Adalberto Iriarte-Solis
- Publisher: Common Ground Research Networks
- Collection: Common Ground Research Networks
- Series: Technology, Knowledge & Society
- Journal Title: The International Journal of Technology, Knowledge, and Society
- Keywords: Network Security, Intrusion Detection Systems, Information Theory, Entropy
- Volume: 14
- Issue: 2
- Date: June 27, 2018
- ISSN: 1832-3669 (Print)
- DOI: https://doi.org/10.18848/1832-3669/CGP/v14i02/1-7
- Citation: Velarde Alvarado, Pablo, Rafael Martinez Pelaez, Luis J. Mena-Camaré, Alberto M. Ochoa Brust, Efrain Moreno Garcia, Jose De Jesus Ceballos Mejia, and Adalberto Iriarte-Solis. 2018. "Spatial and Temporal Characterization of Network Traffic for Intrusion Detection Based on Information Theory." The International Journal of Technology, Knowledge, and Society 14 (2): 1-7. doi:10.18848/1832-3669/CGP/v14i02/1-7.
- Extent: 7 pages
All Rights Reserved
Copyright © 2018, Common Ground Research Networks, All Rights Reserved
Abstract
The Method of Entropy Spaces is based on constructing a three-dimensional space of network traffic at packet flow level. Each point in that space is a three-dimensional entropy value of the clusters of flows observed during a time slot. The selection of features for point clouds data is performed using Pattern Recognition (PR) techniques such as Principal Component Analysis (PCA) and Kernel Density Estimation (KDE). The typical traffic of the network is a model formed by a Gaussian Mixture (GM) and a Generalized Extreme Distribution (GEV) that defines the behavior of the selected features. These models, when integrated into an Anomaly-Based Intrusion Detection System (A-NIDS) were effective in detecting actual attacks carried out in a Local Area Network (LAN).
