Anomaly detection through header field entropy

Bibliographic Details
Main Authors: Pang, Jackson Ngoc Ki; Spadaro, Roberto Fernando; Gandham, Shashidhar; Alizadeh Attar, Mohammadreza; Yadav, Navindra
Format: Patent
Language: English
Published: 08.11.2022
Summary: An approach for detecting anomalous flows in a network using header field entropy. This can be useful in detecting anomalous or malicious traffic that may attempt to "hide" or inject itself into legitimate flows. A malicious endpoint might attempt to send a control message in underutilized header fields or might try to inject illegitimate data into a legitimate flow. These illegitimate flows will likely demonstrate header field entropy that is higher than legitimate flows. Detecting anomalous flows using header field entropy can help detect malicious endpoints.
Bibliography: Application Number: US202016846149