Click to open the HelpDesk interface
AECE - Front page banner

Menu:


FACTS & FIGURES

JCR Impact Factor: 0.825
JCR 5-Year IF: 0.752
SCOPUS CiteScore: 2.5
Issues per year: 4
Current issue: May 2023
Next issue: Aug 2023
Avg review time: 76 days
Avg accept to publ: 48 days
APC: 300 EUR


PUBLISHER

Stefan cel Mare
University of Suceava
Faculty of Electrical Engineering and
Computer Science
13, Universitatii Street
Suceava - 720229
ROMANIA

Print ISSN: 1582-7445
Online ISSN: 1844-7600
WorldCat: 643243560
doi: 10.4316/AECE


TRAFFIC STATS

2,144,774 unique visits
861,351 downloads
Since November 1, 2009

Robots online now
Googlebot


SCOPUS CiteScore

SCOPUS CiteScore


SJR SCImago RANK

SCImago Journal & Country Rank


LINKS

AECE on Wikipedia
DAS Conference
DAS on Wikipedia
EMCLab Laboratory
Hard & Soft Contest


TEXT LINKS

Anycast DNS Hosting
MOST RECENT ISSUES

 Volume 23 (2023)
 
     »   Issue 2 / 2023
 
     »   Issue 1 / 2023
 
 
 Volume 22 (2022)
 
     »   Issue 4 / 2022
 
     »   Issue 3 / 2022
 
     »   Issue 2 / 2022
 
     »   Issue 1 / 2022
 
 
 Volume 21 (2021)
 
     »   Issue 4 / 2021
 
     »   Issue 3 / 2021
 
     »   Issue 2 / 2021
 
     »   Issue 1 / 2021
 
 
 Volume 20 (2020)
 
     »   Issue 4 / 2020
 
     »   Issue 3 / 2020
 
     »   Issue 2 / 2020
 
     »   Issue 1 / 2020
 
 
  View all issues  


FEATURED ARTICLE

A Hybrid Deep Learning Approach for Intrusion Detection in IoT Networks, EMEC, M., OZCANHAN, M. H.
Issue 1/2022
AbstractPlus


SAMPLE ARTICLES

A Novel Approach to Speech Enhancement Based on Deep Neural Networks, SALEHI, M., MIRZAKUCHAKI, S.
Issue 2/2022
AbstractPlus

Nonlinear Observer Based on Linear Matrix Inequalities for Sensorless Grid-tied Single-stage Photovoltaic System, TERAN-GONZALEZ, R. A. J., PEREZ, J., BERISTAIN, J. A.
Issue 3/2021
AbstractPlus

Novel Power Smoothing Technique for a Hybrid AC-DC Microgrid Operating with Multiple Alternative Energy Sources, NEMPU, P. B., SABHAHIT, J. N., GAONKAR, D. N., RAO, V. S.
Issue 2/2021
AbstractPlus

Generating Manageable Electricity Demand Capacity for Residential Demand Response Studies by Activity-based Load Models, SONMEZ, M. A., BAGRIYANIK, M.
Issue 1/2021
AbstractPlus

A Study on Eye-Blink Detection-Based Communication System by Using K-Nearest Neighbors Classifier, EKIM, G., IKIZLER, N., ATASOY, A.
Issue 1/2023
AbstractPlus

Contributions to Elimination of Excitation Field Harmonics in Turbogenerators, ATALAY, A. K., KOCABAS, D. A.
Issue 4/2022
AbstractPlus


TOP ARTICLES

 Most cited in WOS »

 Most cited in SCOPUS »

 Most read articles »



LATEST NEWS

2023-Jun-05
SCOPUS published the CiteScore for 2022, computed by using an improved methodology, counting the citations received in 2019-2022 and dividing the sum by the number of papers published in the same time frame. The CiteScore of Advances in Electrical and Computer Engineering for 2022 is 2.0. For "General Computer Science" we rank #134/233 and for "Electrical and Electronic Engineering" we rank #478/738.

2022-Jun-28
Clarivate Analytics published the InCites Journal Citations Report for 2021. The InCites JCR Impact Factor of Advances in Electrical and Computer Engineering is 0.825 (0.722 without Journal self-cites), and the InCites JCR 5-Year Impact Factor is 0.752.

2022-Jun-16
SCOPUS published the CiteScore for 2021, computed by using an improved methodology, counting the citations received in 2018-2021 and dividing the sum by the number of papers published in the same time frame. The CiteScore of Advances in Electrical and Computer Engineering for 2021 is 2.5, the same as for 2020 but better than all our previous results.

2021-Jun-30
Clarivate Analytics published the InCites Journal Citations Report for 2020. The InCites JCR Impact Factor of Advances in Electrical and Computer Engineering is 1.221 (1.053 without Journal self-cites), and the InCites JCR 5-Year Impact Factor is 0.961.

2021-Jun-06
SCOPUS published the CiteScore for 2020, computed by using an improved methodology, counting the citations received in 2017-2020 and dividing the sum by the number of papers published in the same time frame. The CiteScore of Advances in Electrical and Computer Engineering for 2020 is 2.5, better than all our previous results.

Read More »


    
 

  4/2021 - 6

Machine Learning Enhanced Entropy-Based Network Anomaly Detection

TIMCENKO, V. See more information about TIMCENKO, V. on SCOPUS See more information about TIMCENKO, V. on IEEExplore See more information about TIMCENKO, V. on Web of Science, GAJIN, S. See more information about GAJIN, S. on SCOPUS See more information about GAJIN, S. on SCOPUS See more information about GAJIN, S. on Web of Science
 
View the paper record and citations in View the paper record and citations in Google Scholar
Click to see author's profile in See more information about the author on SCOPUS SCOPUS, See more information about the author on IEEE Xplore IEEE Xplore, See more information about the author on Web of Science Web of Science
Download PDF pdficon (1,765 KB) | Citation | Downloads: 1,098 | Views: 706
Author keywords
clustering algorithms, data flow computing, entropy, intrusion detection, machine learning
References keywords
detection(22), network(21), security(10), intrusion(10), data(10), anomaly(10), systems(9), learning(8), entropy(8), machine(6)
Blue keywords are present in both the references section and the paper title.
About this article
Date of Publication: 2021-11-30
Volume 21, Issue 4, Year 2021, On page(s): 51 - 60
ISSN: 1582-7445, e-ISSN: 1844-7600
Digital Object Identifier: 10.4316/AECE.2021.04006
Web of Science Accession Number: 000725107100006
SCOPUS ID: 85122239638
Abstract
Quick view
Full text preview
The advanced development of new technologies and heterogeneous environments relies on the proper processing of large data volumes, and accurate and fast response of real-time applications. Such circumstances provide a fertile ground for the appearance of diverse security concerns, thus challenging the scientific community for building more reliable and efficient Network Anomaly Detection Systems. This research proposes a comprehensive flow-based anomaly detection architecture, which encompasses techniques for entropy-based data processing and machine learning-based attack detection. It encompasses several attack categories and relies on the use of modelled and synthetically generated traffic patterns for Port Scan, Network Scan, DDoS amplification, flood, and dictionary attacks. The entropy-based analysis is used for easier detection of the hidden traffic patterns, as it can capture the behaviour of the biggest contributors, and of a large number of minor appearances in the feature distribution. The unusual traffic is then processed by the use of unsupervised machine learning algorithms. The approach is verified with datasets based on real network traffic, synthetically generated attack traffic instances and botnet traffic. The architecture is an original solution, planned for further real-network application, targeting the possible support for a range of different use cases.

References | Cited By  «-- Click to see who has cited this paper
[1] Y. Zhu, "Attack pattern discovery in forensic investigation of network attacks," IEEE J. on Selected Areas in Communications vol. 29, no. 7, pp. 1349-1357, 2011.
[CrossRef] [Web of Science Times Cited 9] [SCOPUS Times Cited 15]

[2] M. A. Wani, F.A. Bhat, S. Afzal, A.I. Khan, "Introduction to Deep Learning," Advances in Deep Learning. Springer, vol. 57, pp. 1-11, 2020.
[CrossRef] [SCOPUS Times Cited 15]

[3] M. Antonelli, P. Ducange, B. Lazzerini, F. Marcelloni, "Multi-objective evolutionary design of granular rule-based classifiers," Granular Computing, vol. 1, no. 1, pp. 37-58, 2016.
[CrossRef] [SCOPUS Times Cited 95]

[4] European Union Agency for Network and Information Security - "ENISA Threat Landscape Report 2016: 15 Top Cyber Threats and Trends," 2017.
[CrossRef]

[5] H. Debar, "Towards a taxonomy of intrusion detection systems," Computer Networks, vol. 31, no. 8, pp. 805-822, 1999.
[CrossRef] [Web of Science Times Cited 315] [SCOPUS Times Cited 487]

[6] P. Garcia-Teodoro, J. Diaz-Verdejo, G. Macia-Fernandez, E. Vazquez, "Anomaly-based network intrusion detection: techniques, systems and challenges," Computers & Security, vol. 28, no. 1, pp.18-28, 2009.
[CrossRef] [Web of Science Times Cited 884] [SCOPUS Times Cited 1201]

[7] A. Rehman, S. Tanzila, "Evaluation of artificial intelligent techniques to secure information in enterprises," Artificial Intelligence Review, vol. 42, no. 4, pp. 1029-1044, 2014.
[CrossRef] [Web of Science Times Cited 30] [SCOPUS Times Cited 47]

[8] H. Bostani, S. Sheikhan, "Hybrid of anomaly-based and specification-based IDS for internet of things using unsupervised OPF based on MapReduce approach," Computer Communications, vol. 98, pp. 52-71, 2017.
[CrossRef] [Web of Science Times Cited 110] [SCOPUS Times Cited 150]

[9] N. Moustafa, J. Hu, J. Slay, "A holistic review of network anomaly detection systems: a comprehensive survey," J. of Network and Computer Applications, vol. 128, pp. 33-55, 2019.
[CrossRef] [Web of Science Times Cited 119] [SCOPUS Times Cited 176]

[10] G. Peters, R. Weber, "DCC: A framework for dynamic granular clustering," Granular Computing, vol. 1, no. 1, pp. 1-11, 2016.
[CrossRef] [SCOPUS Times Cited 118]

[11] N. Shone, T. N. Ngoc, V.D. Phai, Q. Shi, "A deep learning approach to network intrusion detection," IEEE Trans. Emerging Topics in Computational Intelligence, vol. 2, no. 1, pp. 41-50, 2018.
[CrossRef] [Web of Science Times Cited 581] [SCOPUS Times Cited 825]

[12] M. Tavallaee, E. Bagheri, W. Lu, A. Ghorbani, "A detailed analysis of the KDD CUP 99 data set," IEEE Symposium on Computational Intelligence for Security and Defense Applications, Ottawa, ON, 2009, pp. 1-6,
[CrossRef] [SCOPUS Times Cited 2638]

[13] L. Dhanabal, S. P. Shantharajah, "A study on NSL-KDD dataset for intrusion detection system based on classification algorithms," Int. J. of Advanced Research in Computer and Communication Engineering, vol. 4, no. 6, pp. 446-452, 2015.
[CrossRef]

[14] M. Ring, S. Wunderlich, D. Grudl, D. Landes, A. Hotho, "A toolset for intrusion and insider threat detection," Data Analytics and Decision Support for Cybersecurity: Trends, Methodologies and Applications, Springer, pp. 3-31, 2017.
[CrossRef] [Web of Science Times Cited 8]

[15] M. Ring, S. Wunderlich, D. Grudl, D. Landes, A. Hotho, "A survey of network-based intrusion detection data sets," Computers & Security, vol. 86, pp. 147-167, 2019.
[CrossRef] [Web of Science Times Cited 236] [SCOPUS Times Cited 331]

[16] A. Sperotto, R. Sadre, F. Van Vliet, A. Pras, "A labeled data set for flow-based intrusion detection," IP Operations & Management Springer, vol. 5843, pp. 39-50, 2009.
[CrossRef] [SCOPUS Times Cited 110]

[17] P. Winter, E. Hermann, M. Zeilinger, "Inductive intrusion detection in flow-based network data using one-class support vector machines," in 4th IFIP Int. Conf. on New Technologies, Mobility and Security, pp. 1-5, 2011.
[CrossRef] [SCOPUS Times Cited 73]

[18] N. Moustafa, J. Slay, "UNSW-NB15: a comprehensive data set for network intrusion detection systems (UNSW-NB15 network data set)," in Proc. MilCIS, IEEE, pp. 1-6, 2015.
[CrossRef] [SCOPUS Times Cited 1421]

[19] G. Nychis et al, "An empirical evaluation of entropy-based traffic anomaly detection," 8th ACM SIGCOMM Conf. Internet Measurement, pp. 151, 2008.
[CrossRef] [SCOPUS Times Cited 266]

[20] B. Li et al, "A survey of network flow applications," J. of Network and Computer Applications, vol. 36, no. 2, pp. 567-581, 2013.
[CrossRef] [Web of Science Times Cited 139] [SCOPUS Times Cited 167]

[21] P. Berezinski, M. Szpyrka, B. Jasiul, M. Mazur, "Network anomaly detection using parameterized entropy," Computer Information Systems and Industrial Management, Springer, vol. 8838, pp. 465-478, 2014.
[CrossRef] [SCOPUS Times Cited 21]

[22] K. Xu, Z.L. Zhang, S. Bhattacharyya, "Internet traffic behavior profiling for network security monitoring," IEEE/ACM Trans. Networking, vol. 16, no. 6, pp. 1241-1252, 2008.
[CrossRef] [Web of Science Times Cited 61] [SCOPUS Times Cited 84]

[23] B. Agarwal, N. Mittal, "Hybrid approach for detection of anomaly network traffic using data mining techniques," Procedia Technology, vol. 6, pp. 996-1003, 2012.
[CrossRef] [Web of Science Times Cited 38]

[24] C. Zhua, Z. Wang, "Entropy-based matrix learning machine for imbalanced data sets," Pattern Recognition Letters, vol. 88, pp. 72-80, 2010.
[CrossRef] [Web of Science Times Cited 31] [SCOPUS Times Cited 40]

[25] Y. Zhang et al, "Comparison of machine learning methods for stationary wavelet entropy-based multiple sclerosis detection: decision tree, k-nearest neighbors, and support vector machine," Simulation, vol. 92, no. 9, pp. 861-871, 2016.
[CrossRef] [Web of Science Times Cited 122] [SCOPUS Times Cited 129]

[26] Y. Wang et al, "Internet traffic classification using constrained clustering," IEEE Trans. Parallel and Distributed Systems, vol. 25, no. 11, pp. 2932-2943, 2013.
[CrossRef] [Web of Science Times Cited 74] [SCOPUS Times Cited 81]

[27] T. Mitchell. Machine Learning. McGraw Hill Boston, 1997.

[28] S. B. Kotsiantis, I. Zaharakis, P. Pintelas, "Supervised machine learning: A review of classification techniques," Emerging Artificial Intelligence Applications in Computer Engineering, vol. 160, pp. 3-24. OS Press, 2007.

[29] B. Claise, G. Sadasivan, V. Valluri, M. Djernaes, "Cisco Systems NetFlow Services Export v. 9," RFC 3954, 2004.

[30] J. A. Ibrahim, S. Gajin, "Entropy-based network traffic anomaly classification method resilient to deception," Computer Science and Information Systems, pp. 45-45, 2021.
[CrossRef] [Web of Science Times Cited 2] [SCOPUS Times Cited 2]

[31] A. Webster, M. Gratian, R. Eckenrod, D. Patel, M. Cukier, "An improved method for anomaly-based network scan detection," Security and Privacy in Communication Systems, Springer, vol. 164, pp. 385-400, 2015.
[CrossRef] [SCOPUS Times Cited 4]

[32] S. Andropov, A. Guirik, M. Budko, M. Budko, "Network anomaly detection using artificial neural networks," 20th Conf. Open Innovations Association, pp. 26-31, 2017.
[CrossRef] [SCOPUS Times Cited 16]

[33] J. Mirkovic, P. Reiher, "A taxonomy of DDoS attack and DDoS defense mechanisms," ACM SIGCOMM Computer Communication Review, vol. 34, no. 2, pp. 39-53, 2004.
[CrossRef] [Web of Science Times Cited 809] [SCOPUS Times Cited 1230]

[34] J. Nazario, "DDoS attack evolution," Network Security, vol. 7, pp. 7-10, 2008.
[CrossRef] [SCOPUS Times Cited 31]

[35] C. Douligeris, A. Mitrokotsa, "DDoS attacks and defense mechanisms: classification and state-of-the-art," Computer Networks, vol. 44, no. 5, pp. 643-666, 2004.
[CrossRef] [Web of Science Times Cited 318] [SCOPUS Times Cited 487]

[36] H. Wang, D. Zhang, K. G. Shin, "Detecting SYN flooding attacks," Proc. 21st Joint Conf. IEEE Computer and Communications Societies, vol. 3, pp. 1530-1539, 2002.
[CrossRef]

[37] G. Kambourakis, T. Moschos, D. Geneiatakis, S. Gritzalis, "Detecting DNS amplification attacks," Critical Information Infrastructures Security," Lecture Notes in Computer Science, vol. 5141, pp. 185-196, 2008. Springer.
[CrossRef] [SCOPUS Times Cited 65]

[38] J. Vykopal, T. Plesnik, P. Minarik, "Network-based dictionary attack detection," Int. Conf. Future Networks, pp. 23-27, 2009.
[CrossRef] [Web of Science Times Cited 13] [SCOPUS Times Cited 21]

[39] A. Wagner, B. Plattner, "Entropy based worm and anomaly detection in fast IP networks," 14th IEEE Int. Workshops on Enabling Technologies Infrastructure for Collaborative Enterprise, pp. 172-177, 2005.
[CrossRef] [Web of Science Times Cited 109] [SCOPUS Times Cited 196]

[40] J. M. Amigo, G. B. Samuel, S. Hernandez, "A brief review of generalized entropies," Entropy, vol. 20, no. 11, pp. 813, 2018.
[CrossRef] [Web of Science Times Cited 94] [SCOPUS Times Cited 96]

[41] L. Lima, F. M. Assis, C. P. de Souza, "A comparative study of use of Shannon, Renyi and Tsallis entropy for attribute selecting in network intrusion detection," Int. Workshop on Measurements and Networking, pp. 77-82, 2011.
[CrossRef] [SCOPUS Times Cited 15]

[42] A. J. Lawrance, P.A.W. Lewis, "An exponential moving-average sequence and point process (EMA1)," J. of Applied Probability, vol. 14, no. 1, pp. 98-113, 1977.
[CrossRef] [Web of Science Times Cited 66]

[43] C. E. Shannon, "A mathematical theory of communication," Bell System Technical J., vol. 27, no. 3, pp. 379-423, 1948.
[CrossRef] [Web of Science Times Cited 23335] [SCOPUS Times Cited 28191]

[44] P.D. Bojovic, I. Basicevic, S. Ocovaj, M. Popovic, "A practical approach to detection of distributed denial-of-service attacks using a hybrid detection method," Computers & Electrical Engineering, vol. 73, pp. 84-96, 2018.
[CrossRef] [Web of Science Times Cited 26] [SCOPUS Times Cited 37]

[45] T. K. Moon, "The expectation-maximization algorithm," IEEE Signal Processing Magazine, vol. 13, no. 6, pp. 47-60, 1996.
[CrossRef] [Web of Science Times Cited 1726] [SCOPUS Times Cited 2094]

[46] B. Xue, M. Zhang, W. N. Browne, X. Yao, "A survey on evolutionary computation approaches to feature selection," IEEE Trans. Evolutionary Computation, vol. 20, no. 4, pp. 606-626, 2016.
[CrossRef] [Web of Science Times Cited 869] [SCOPUS Times Cited 1063]

[47] S. Garcia, M. Grill, J. Stiborek, A. Zunino, "An empirical comparison of botnet detection methods," Computers and Security J., vol. 45, pp. 100-123, 2014.
[CrossRef] [Web of Science Times Cited 339] [SCOPUS Times Cited 475]

[48] S. Garcia, "Malware capture facility project," CVUT University. Dataset CTU-Malware-Capture-Botnet-1, 2013.

[49] F. Azuaje, I.H. Witten, E. Frank, "Data mining: practical machine learning tools and techniques," BioMedical Engineering OnLine, vol. 5, no. 1, pp. 51, 2006.
[CrossRef]1



References Weight

Web of Science® Citations for all references: 30,463 TCR
SCOPUS® Citations for all references: 42,513 TCR

Web of Science® Average Citations per reference: 609 ACR
SCOPUS® Average Citations per reference: 850 ACR

TCR = Total Citations for References / ACR = Average Citations per Reference

We introduced in 2010 - for the first time in scientific publishing, the term "References Weight", as a quantitative indication of the quality ... Read more

Citations for references updated on 2023-06-05 13:17 in 256 seconds.


Note1: Web of Science® is a registered trademark of Clarivate Analytics.
Note2: SCOPUS® is a registered trademark of Elsevier B.V.
Disclaimer: All queries to the respective databases were made by using the DOI record of every reference (where available). Due to technical problems beyond our control, the information is not always accurate. Please use the CrossRef link to visit the respective publisher site.
Copyright ©2001-2023
Faculty of Electrical Engineering and Computer Science
Stefan cel Mare University of Suceava, Romania

All rights reserved: Advances in Electrical and Computer Engineering is a registered trademark of the Stefan cel Mare University of Suceava. No part of this publication may be reproduced, stored in a retrieval system, photocopied, recorded or archived, without the written permission from the Editor. When authors submit their papers for publication, they agree that the copyright for their article be transferred to the Faculty of Electrical Engineering and Computer Science, Stefan cel Mare University of Suceava, Romania, if and only if the articles are accepted for publication. The copyright covers the exclusive rights to reproduce and distribute the article, including reprints and translations.

Permission for other use: The copyright owner's consent does not extend to copying for general distribution, for promotion, for creating new works, or for resale. Specific written permission must be obtained from the Editor for such copying. Direct linking to files hosted on this website is strictly prohibited.

Disclaimer: Whilst every effort is made by the publishers and editorial board to see that no inaccurate or misleading data, opinions or statements appear in this journal, they wish to make it clear that all information and opinions formulated in the articles, as well as linguistic accuracy, are the sole responsibility of the author.



Website loading speed and performance optimization powered by: