Wanjiang Han scite author profile

Network anomaly detection is an effective way for analysing and detecting malicious attacks. However, the typical anomaly detection techniques cannot perform the desired effect in the controlled network just as in the general network. In the circumstance of the controlled network, the detection performance will be lowered due to its special characteristics including the stronger regularity, higher dimensionality and subtler fluctuation of its traffic. On the motivation, the study proposes a novel classifier framework based on cross entropy and support vector machine (SVM). The technique first subtracts the representative traffic characteristics from the network traffic and defines a 7-tuple feature vector for the controlled network by extending the traditional 5-tuple representation of the usual network. Then the probability distributions and cross entropies of the 7 tuples are calculated during the defined statistical window so as to generate the 7-tuple cross-entropy feature vector for profiling the network traffic fluctuation in the controlled network. Finally, the multi-class SVM classifier is trained by importing the 7-tuple cross-entropy feature vectors. Experimental results show that the proposed classifier can achieve higher detection rates and is more suitable to be used in the controlled network than the typical detection techniques. Nomenclature S ip source address of the network session S port source port of the network session D ip destination address of the network session D port destination port of the network session In number of source nodes that is connecting with the observed node in the network session Out number of destination nodes that the observed node is connected within the network session Vel corresponding traffic rates of the different connections in the network session

show abstract

Application of traditional Chinese medicine injections using traditional Chinese medicine theory

Han

He²,

Cao³

2012

CJCMM

View full text Add to dashboard Cite

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Wanjiang Han

MalInsight: A systematic profiling based malware detection framework

MalDAE: Detecting and explaining malware based on correlation and fusion of static and dynamic characteristics

Detecting anomalous traffic in the controlled network based on cross entropy and support vector machine

Application of traditional Chinese medicine injections using traditional Chinese medicine theory

Contact Info

Product

Resources

About