Incorporating Hidden Markov Model into Anomaly Detection Technique for Network Intrusion Detection

J. ChandrakantaBadajena, Chinmayee Rout
2012 International Journal of Computer Applications  
Now-a-days to increase the computation efficiency distributed systems are used in which the computing resources are shared among several systems. Such openness of distributed system leads to increase in potential attacks on the hardware and software by exploration of system vulnerability. This paper presents implementation of Intrusion Detection System (IDS) to model the behavior of users using Hidden Markov Model (HMM). This model attempts to detect intrusive attack efficiently. The IDS is an
more » ... dentification system which can be characterized by probabilities of false acceptance and false rejection. False acceptance means that the IDS allow intruders to continue their activity. False rejection means that the IDS stops the activity of a legitimate user. IDS can be developed by adoption of an appropriate mathematical model that allows us to generate user profiles efficiently and facilitates an effective and accurate decision-making process for intrusion detection. Due to the nondeterministic nature of user behavior, the decision about intrusive or nonintrusive behavior must take into account all evidence for and against the claim. So the probabilistic approach is to be implemented to model user profile to detect attack. INDEX TERMS-Intrusion detection System, Anomaly detection technique, Hidden Markov Model, KDD Cup 1999 data set.
doi:10.5120/8469-2395 fatcat:cckqcv6pmbe7pilgejruyomybu