Abstract: A novel alive entropy-based detection approach was proposed, which detects the abnormal network traffic based on the values of alive entropies. The alive entropies calculated based on the NetFlow data coming from the network traffic of input and output of a whole system, which is essentially a monitored network. In order to decrease false positive rate of abnormal network traffic, different scales are selected to compute the values of alive entropies in different sizes of network traffic. With the low false positive rate of abnormal network traffic, the abnormal network traffic can be effectively detected. Experiments carried out on a real campus network were used to evaluate the effectiveness of the proposed approach. A comparative study illustrates that the proposed approach may easily detect the abnormal network traffic with random characteristics in comparison with some “conventional” approaches reported in the literatures.