This thesis solves possibility of using entropy for anomaly detection in data communication and especially for security attacks. The main advantage of using entropy is ability to identify unknown attacks because entropy detects changes in network traffic but not the content as existing methods. In this work was tested the suitability of different models entropy (Shannon, Renyi, Tsallis). Also been tested the effect of Renyi and Tsallis parameter on resulting entropy. From the resulting values, I found that all tested entropy achieve good result in the identification of anomalies in network traffic.
Identifer | oai:union.ndltd.org:nusl.cz/oai:invenio.nusl.cz:220416 |
Date | January 2015 |
Creators | Blažek, Petr |
Contributors | Mžourek, Zdeněk, Slavíček, Karel |
Publisher | Vysoké učení technické v Brně. Fakulta elektrotechniky a komunikačních technologií |
Source Sets | Czech ETDs |
Language | Czech |
Detected Language | English |
Type | info:eu-repo/semantics/masterThesis |
Rights | info:eu-repo/semantics/restrictedAccess |
Page generated in 0.0014 seconds