Next Article in Journal
Collaborative Performance Research on Multi-level Hospital Management Based on Synergy Entropy-HoQ
Next Article in Special Issue
The Switching Generator: New Clock-Controlled Generator with Resistance against the Algebraic and Side Channel Attacks
Previous Article in Journal
A Criterion for Topological Close-Packed Phase Formation in High Entropy Alloys
Previous Article in Special Issue
Applied Cryptography Using Chaos Function for Fast Digital Logic-Based Systems in Ubiquitous Computing
Article Menu

Export Article

Open AccessArticle
Entropy 2015, 17(4), 2367-2408;

An Entropy-Based Network Anomaly Detection Method

Systems' Department, Military Communication Institute, ul. Warszawska 22a, 05-130 Zegrze, Poland
Department of Applied Computer Science, AGH University of Science and Technology, al. Mickiewicza 30, 30-059 Krakow, Poland
Author to whom correspondence should be addressed.
Academic Editors: James Park and Wanlei Zhou
Received: 28 February 2015 / Revised: 15 April 2015 / Accepted: 16 April 2015 / Published: 20 April 2015
Full-Text   |   PDF [1402 KB, uploaded 21 April 2015]   |  


Data mining is an interdisciplinary subfield of computer science involving methods at the intersection of artificial intelligence, machine learning and statistics. One of the data mining tasks is anomaly detection which is the analysis of large quantities of data to identify items, events or observations which do not conform to an expected pattern. Anomaly detection is applicable in a variety of domains, e.g., fraud detection, fault detection, system health monitoring but this article focuses on application of anomaly detection in the field of network intrusion detection.The main goal of the article is to prove that an entropy-based approach is suitable to detect modern botnet-like malware based on anomalous patterns in network. This aim is achieved by realization of the following points: (i) preparation of a concept of original entropy-based network anomaly detection method, (ii) implementation of the method, (iii) preparation of original dataset, (iv) evaluation of the method. View Full-Text
Keywords: anomaly detection; entropy; malware detection anomaly detection; entropy; malware detection

Graphical abstract

This is an open access article distributed under the Creative Commons Attribution License which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited (CC BY 4.0).

Share & Cite This Article

MDPI and ACS Style

Bereziński, P.; Jasiul, B.; Szpyrka, M. An Entropy-Based Network Anomaly Detection Method. Entropy 2015, 17, 2367-2408.

Show more citation formats Show less citations formats

Related Articles

Article Metrics

Article Access Statistics



[Return to top]
Entropy EISSN 1099-4300 Published by MDPI AG, Basel, Switzerland RSS E-Mail Table of Contents Alert
Back to Top