Anomaly Network Intrusion Detection Using Hidden Markov Model

Chia-Mei Chen, Dah-Jyh Guan, Yu-Zhi Huang, Ya-Hui Ou
2016 International Journal of Innovative Computing, Information and Control  
Cyberattacks become more sophisticated than before, as they involve intelligent planning with respect to the target machine. The current defense products might not be able to correlate diverse sensor input. For example, a client with low security awareness is in the distributed network environment where the target resides might be compromised and unnoticed, which in turn is used as a stepping stone to intrude the target. The conventional signature-based intrusion detection systems might not be
more » ... ble to identify such planned attacks. A state-based classification model is suitable for detecting the attacks composed of a sequence of attack stages. This study defines a sequence of attack states corresponding to the attack stages and the proposed detection system adopts a stated-based classification model, Hidden Markov Model, for detecting such advanced planned attacks. The experimental results show that the proposed detection system can identify the attacks efficiently.
doi:10.24507/ijicic.12.02.569 fatcat:th5oo2z2ojcnfhyvlyeih3fzta