TITLE:
Information Theory and Data-Mining Techniques for Network Traffic Profiling for Intrusion Detection
AUTHORS:
Pablo Velarde-Alvarado, Rafael Martinez-Pelaez, Joel Ruiz-Ibarra, Victor Morales-Rocha
KEYWORDS:
Intrusion Detection, Traffic Profiling, Entropy, and Network Worms
JOURNAL NAME:
Journal of Computer and Communications, Vol.2 No.11, September 12, 2014
ABSTRACT:
In this paper, information theory and data mining techniques to extract knowledge of network traffic behavior at the packet level and flow level are proposed, which can be applied for traffic profiling in intrusion detection systems. The empirical analysis of our profiles through the rate of remaining features at the packet level, as well as the three-dimensional spaces of entropy at the flow level, provides fast detection of intrusions caused by port scanning and worm attacks.