Abstract
It has been suggested that the problem of determining the state of a network could be solved by computing entropy functions based on the dynamic connections that are made among the nodes of that network. In this paper we will attempt to calibrate, in a quantitative way, the computation of those entropy functions on simulated data that we believe should resemble real data. Our purpose is to understand how one might use the entropy functions to signal that the state of a network is undergoing a significant change, perhaps due to an attack on the network or an attack emanating from the network. Our results are, we believe, either inconclusive or negative. Specifically, we believe that our simulations suggest either that these entropy functions are not sufficiently indicative of anomalous behavior in a network as to be usable for this purpose or that conversely in order for them to be used to detect anomalous behavior, the underlying “normal” behavior of the network would have to be more stable than we might expect it to be.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Buell, D.A., Huang, C.-T., Janies, J., Gudkov, V., Johnson, J.E.: Introductory material. In: Prepared for a DARPA workshop, Kiawah Island, South Carolina, October 18-20 (2004)
Brillouin, L.: Science and Information Theory. Academic Press, New York (1956)
Gudkov, V., Johnson, J., Madamanchi, R., Sidoran, J.L.: Monitoring of network topology dynamics. In: Proceedings, NATO Symposium on Adaptive Defence in Unclassified Networks (2004) (to appear)
Kolmogorov, A.N.: Sur la notion de la moyenne. In: Atti della Reale Accademia Nazionale dei Lincei, Serie VI, vol. 12, pp. 388–391 (1930)
Nagumo, M.: Über eine klasse der mittlewerte. Japanese Journal of Mathematics 7, 71–79 (1930)
Rényi, A.: Probability Theory. North-Holland, Amsterdam and London (1970)
Shannon, C.: A mathematical theory of communication. Bell System Technical Journal 27, 379–423, 623–656 (1948)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2005 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Buell, D.A. (2005). Calibrating Entropy Functions Applied to Computer Networks. In: Gorodetsky, V., Kotenko, I., Skormin, V. (eds) Computer Network Security. MMM-ACNS 2005. Lecture Notes in Computer Science, vol 3685. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11560326_6
Download citation
DOI: https://doi.org/10.1007/11560326_6
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-29113-8
Online ISBN: 978-3-540-31998-6
eBook Packages: Computer ScienceComputer Science (R0)