Entropy analysis to identify unusual changes in system behavior using data clustering
Paper code: 1173-NAEC
Authors
علی ایزدی نیا *1، مسعود حیدری پور2، حمید حاج سیدجوادی3
1 M.Sc. graduate in Computer Engineering, Faculty of Engineering, Shahed University
2 Sarab Faculty of Medical Sciences
3 Shahed University, Faculty of Engineering, Department of Computer Engineering
Abstract
Entropy analysis provides a robust mathematical framework rooted in information theory to quantify the uncertainty, disorder, and unpredictability within data. This approach is particularly valuable in identifying unusual changes or anomalies in system behavior through data clustering techniques. By measuring the entropy of different data segments or clusters, it becomes possible to detect when the system deviates from its normal operation, signaling potential anomalies or security threats. The application of entropy analysis enhances data classification, feature selection, and real-time anomaly detection across diverse domains, including cybersecurity, industrial monitoring, and financial systems. In cybersecurity, for example, entropy-based methods improve the detection of irregular traffic patterns that could indicate cyberattacks or malicious activity. However, interpreting entropy values can be challenging, as high or low entropy may sometimes result from noise or irrelevant variations, leading to ambiguities. Accurate interpretation requires a careful balance of domain knowledge and analytical techniques. Overall, entropy analysis serves as an effective tool for early detection of abnormal system behaviors, facilitating timely interventions to mitigate potential risks and maintain system integrity.
Keywords
Entropy, clustering, anomaly, cybersecurity, irregular traffic
Status: Accepted