Skip to main content
SpringerLink
Log in

Calibrating Entropy Functions Applied to Computer Networks

  • Conference paper
Computer Network Security (MMM-ACNS 2005)

Part of the book series: Lecture Notes in Computer Science ((LNCCN,volume 3685))

Abstract

It has been suggested that the problem of determining the state of a network could be solved by computing entropy functions based on the dynamic connections that are made among the nodes of that network. In this paper we will attempt to calibrate, in a quantitative way, the computation of those entropy functions on simulated data that we believe should resemble real data. Our purpose is to understand how one might use the entropy functions to signal that the state of a network is undergoing a significant change, perhaps due to an attack on the network or an attack emanating from the network. Our results are, we believe, either inconclusive or negative. Specifically, we believe that our simulations suggest either that these entropy functions are not sufficiently indicative of anomalous behavior in a network as to be usable for this purpose or that conversely in order for them to be used to detect anomalous behavior, the underlying “normal” behavior of the network would have to be more stable than we might expect it to be.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Buell, D.A., Huang, C.-T., Janies, J., Gudkov, V., Johnson, J.E.: Introductory material. In: Prepared for a DARPA workshop, Kiawah Island, South Carolina, October 18-20 (2004)

    Google Scholar 

  2. Brillouin, L.: Science and Information Theory. Academic Press, New York (1956)

    MATH  Google Scholar 

  3. Gudkov, V., Johnson, J., Madamanchi, R., Sidoran, J.L.: Monitoring of network topology dynamics. In: Proceedings, NATO Symposium on Adaptive Defence in Unclassified Networks (2004) (to appear)

    Google Scholar 

  4. Kolmogorov, A.N.: Sur la notion de la moyenne. In: Atti della Reale Accademia Nazionale dei Lincei, Serie VI, vol. 12, pp. 388–391 (1930)

    Google Scholar 

  5. Nagumo, M.: Über eine klasse der mittlewerte. Japanese Journal of Mathematics 7, 71–79 (1930)

    Google Scholar 

  6. Rényi, A.: Probability Theory. North-Holland, Amsterdam and London (1970)

    Google Scholar 

  7. Shannon, C.: A mathematical theory of communication. Bell System Technical Journal 27, 379–423, 623–656 (1948)

    MATH  MathSciNet  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Computer Science and Engineering, University of South Carolina, Columbia, South Carolina, 20209

    Duncan A. Buell

Authors
  1. Duncan A. Buell
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. St. Petersburg Intitute for Informaticsand Automation, 39, 14-th Liniya, 199178, St. Petersburg, Russia

    Vladimir Gorodetsky

  2. Computer Security Research Group, St. Petersburg Institute for Informatics and Automation, 39, 14 Liniya, 199178, St.-Petersburg, Russia

    Igor Kotenko

  3. US Air Force, Binghamton University (SUNYI), 13902, Binghamton, NY, USA

    Victor Skormin

Rights and permissions

Reprints and permissions

Copyright information

© 2005 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Buell, D.A. (2005). Calibrating Entropy Functions Applied to Computer Networks. In: Gorodetsky, V., Kotenko, I., Skormin, V. (eds) Computer Network Security. MMM-ACNS 2005. Lecture Notes in Computer Science, vol 3685. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11560326_6

Download citation

  • DOI: https://doi.org/10.1007/11560326_6

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-29113-8

  • Online ISBN: 978-3-540-31998-6

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation