Learning Entropy

Zhang, Lele; Veitch, Darryl

doi:10.1007/978-3-642-20757-0_2

Cited by 6 publications

(3 citation statements)

References 10 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…It is worth mentioning that some general weaknesses of entropy-based approaches are highlighted in [16], [17], where "optimal camouflage" strategies are described. In our case, the combined effect of random aggregation and different kinds of entropy adds robustness to the method.…”

Section: Related Workmentioning

confidence: 99%

“…Indeed the sketch dimensions do not depend on the quantity of processed traffic. Second, as described in [16], [17], entropy does not always allow us to discriminate two (also very different) histograms (as an example, think of two histograms that are scrambled versions of the same histogram). Hence, an attacker could realise a "mimicry" attack, in which after having estimated the traffic distribution, it creates an attack such that the associated histogram, yet very different from the reference one, leads to the same (or very similar) entropy value (as discussed in [17]).…”

Section: B Sketch Computationmentioning

confidence: 99%

See 1 more Smart Citation

An information-theoretic method for the detection of anomalies in network traffic

Callegari

Giordano

Pagano

2017

Computers & Security

View full text Add to dashboard Cite

Anomaly-based Intrusion Detection is a key research topic in network security due to its ability to face unknown attacks and new security threats. For this reason, many works on the topic have been proposed in the last decade. Nonetheless, an ultimate solution, able to provide a high detection rate with an acceptable false alarm rate, has still to be identified. In this paper we propose a novel intrusion detection system that performs anomaly detection by studying the variation in the entropy associated to the network traffic. To this aim, the traffic is first aggregated by means of random data structures (namely three-dimension reversible sketches) and then the entropy of different traffic descriptors is computed by using several definitions. The experimental results obtained over the MAWILab dataset validate the system and demonstrate the effectiveness of our proposal for a proper set of entropy definitions

show abstract

Section: Related Workmentioning

confidence: 99%

Section: B Sketch Computationmentioning

confidence: 99%

An information-theoretic method for the detection of anomalies in network traffic

Callegari

Giordano

Pagano

2017

Computers & Security

View full text Add to dashboard Cite

show abstract

“…In order to quantify the PD feature information extracted by VMD, entropy theory is introduced. Entropy, as a measure of uncertainty or irregularity, was widely applied in fault diagnosis recently [11]. It was first introduced by Shannon in 1948 [12].…”

Section: Introductionmentioning

confidence: 99%

Partial Discharge Fault Diagnosis Based on Multi-Scale Dispersion Entropy and a Hypersphere Multiclass Support Vector Machine

Shang

Feng

2019

Entropy

View full text Add to dashboard Cite

Partial discharge (PD) fault analysis is an important tool for insulation condition diagnosis of electrical equipment. In order to conquer the limitations of traditional PD fault diagnosis, a novel feature extraction approach based on variational mode decomposition (VMD) and multi-scale dispersion entropy (MDE) is proposed. Besides, a hypersphere multiclass support vector machine (HMSVM) is used for PD pattern recognition with extracted PD features. Firstly, the original PD signal is decomposed with VMD to obtain intrinsic mode functions (IMFs). Secondly proper IMFs are selected according to central frequency observation and MDE values in each IMF are calculated. And then principal component analysis (PCA) is introduced to extract effective principle components in MDE. Finally, the extracted principle factors are used as PD features and sent to HMSVM classifier. Experiment results demonstrate that, PD feature extraction method based on VMD-MDE can extract effective characteristic parameters that representing dominant PD features. Recognition results verify the effectiveness and superiority of the proposed PD fault diagnosis method.

show abstract

Impact of Histogram Construction Techniques on Information - Theoretic Anomaly Detection

2017

View full text Add to dashboard Cite

Learning Entropy

Cited by 6 publications

References 10 publications

An information-theoretic method for the detection of anomalies in network traffic

An information-theoretic method for the detection of anomalies in network traffic

Partial Discharge Fault Diagnosis Based on Multi-Scale Dispersion Entropy and a Hypersphere Multiclass Support Vector Machine

Impact of Histogram Construction Techniques on Information - Theoretic Anomaly Detection

Contact Info

Product

Resources

About