Network Traffic Anomaly Detection Based on Maximum Entropy Model
Abstract
This paper presents a novel network traffic anomaly detection approach that applies a machine learning (ML) method based on the maximum entropy (ME) principle. The final feature set is generated by extracting features from 1% of the publicly released KDD 99 dataset with the Correlation-based feature selection (CFS) algorithm. The Bound-constrained limited memory variable metric (BLMVM) algorithm is employed to estimate the parameters and obtain an exponential model. The model is then studied in comparison with other ML methods. The proposed approach is assessed through a set of numerical experiments, and the results demonstrate that the ME model exhibits enhanced classification efficiency for network traffic anomalies, even when the training data is limited in size.