Detection of High-speed Network Flow Characteristics of the Multi-dimensional Entropy

Jinzhuo Liu, Chen Chu


To improve the efficiency of detecting flow anomaly, and solve the problem of the inefficient traditional flow analysis method and the weak anomaly detection capability, the multidimensional entropy-based joint index and the sliding window-based burst detection algorithm of entropy flow are combined in the detection of network anomaly of backbone routers. Moreover, these indexes should be classified through the relevancy analysis of entropies of all the indexes. And a summary should be drawn on the anomaly detection scope of each index according to the types of anomaly which are already known. This paper successfully excludes the index of high redundancy through experiment, and classify flow anomaly into four types which can be identified by the joint index. The experiment proves that this anomaly detection program is more practical, accurate and efficient than the traditional flow analysis method in terms of judging the types of anomaly.


Multidimensional entropy, sliding window-based burst detection algorithm of entropy flow, network anomaly detection, relevancy analysis.

