Traffic Anomaly Detection Using Nonextensive Entropy

Marcelo Luís Monsores, Artur Ziviani, Paulo Sérgio Silva Rodrigues

Traffic anomalies are characterized by significant and unusual changes in the traffic patterns of one or multiple network links. Given that Internet traffic usually presents characteristics of long-range dependence, an approach to evaluate systems with this behavior is the adoption of nonextensive entropy, a generalization of the traditional Shannon entropy. This paper proposes the use of the nonextensive Tsallis entropy to detect traffic anomalies in autonomous systems. The experimental results show the flexibility of our proposed approach, enabled by the possibility of tuning the detection sensitivity, and the better performance achieved by our proposal in comparison with previous approaches found in the literature.
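The following sketch is an added example, not code from the paper: it computes the Tsallis entropy S_q of a per-window traffic feature distribution and shows how the entropic index q tunes detection sensitivity. The choice of destination port as the feature, the mean ± k·σ baseline detector, the values of q and k, and the sample windows are all assumptions made for illustration; the abstract does not describe the paper's own detection procedure.

```python
import math
from collections import Counter

def tsallis_entropy(counts, q):
    """S_q = (1 - sum_i p_i^q) / (q - 1); the limit q -> 1 is Shannon entropy in nats."""
    total = sum(counts)
    probs = [c / total for c in counts if c > 0]
    if abs(q - 1.0) < 1e-9:
        return -sum(p * math.log(p) for p in probs)
    return (1.0 - sum(p ** q for p in probs)) / (q - 1.0)

def window_entropies(windows, q):
    """Entropy of the destination-port distribution of each time window."""
    return [tsallis_entropy(list(Counter(w).values()), q) for w in windows]

def detect(windows, q, baseline_n, k=3.0):
    """Indices of windows whose S_q lies more than k standard deviations
    from the mean of the first baseline_n windows (assumed anomaly-free)."""
    s = window_entropies(windows, q)
    base = s[:baseline_n]
    mean = sum(base) / baseline_n
    std = math.sqrt(sum((x - mean) ** 2 for x in base) / baseline_n)
    std = max(std, 1e-6)  # guard against a perfectly flat baseline
    return [i for i in range(baseline_n, len(s)) if abs(s[i] - mean) > k * std]

# Constructed sample data: each window is a list of destination ports, one per packet.
def normal(i):
    return [443] * (50 + i) + [80] * (30 - i) + [53] * 15 + [22] * 5

WINDOWS = [normal(i) for i in range(5)]              # windows 0-4: baseline
WINDOWS.append(normal(2) + [6001, 6002])             # window 5: two packets to unseen ports
WINDOWS.append(normal(0) + list(range(1000, 1040)))  # window 6: 40 ports hit once each

if __name__ == "__main__":
    for q in (0.5, 1.0, 2.0):
        print(f"q={q}: flagged windows {detect(WINDOWS, q, baseline_n=5)}")
```

With q < 1 the sum weights low-probability events more heavily, so even the two stray packets in window 5 move S_q far from the baseline; with q > 1 the dominant ports govern the value and only the larger spread in window 6 crosses the same threshold.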

