Hidden Markov Model Based Anomaly Intrusion Detection

被引:0
作者
Jain, Ruchi [1 ]
Abouzakhar, Nasser S. [1 ]
机构
[1] Univ Hertfordshire, Dept Comp Sci, Hatfield AL10 9AB, Herts, England
来源
2012 INTERNATIONAL CONFERENCE FOR INTERNET TECHNOLOGY AND SECURED TRANSACTIONS | 2012年
关键词
Hidden Markov Model; Distinguishable TCP services; Anomaly intrusion detection;
D O I
暂无
中图分类号
TP301 [理论、方法];
学科分类号
081202 ;
摘要
This paper aims to investigate and identify distinguishable TCP services, that comprise of both attack and normal types of TCP packets, using J48 decision tree algorithm. A predictive model capable of discriminating between normal and abnormal behavior of network traffic is developed by integrating Hidden Markov Model (HMM) technique with anomaly intrusion detection approach for each distinguishable TCP service. The model has been trained for each TCP session of the KDD Cup 1999 dataset using Baum-Welch training (BWT) and Viterbi training (VT) algorithms. Evaluation of the developed HMM model is performed using Forward and Backward algorithms. Results show that the proposed model is able to classify network traffic with approximately 76% to 99% accuracy. The overall performance of model is measured using standard evaluation method ROC curves.
引用
收藏
页码:528 / 533
页数:6
相关论文
共 19 条
[11]  
Hoang XD, 2003, ICON 2003: 11TH IEEE INTERNATIONAL CONFERENCE ON NETWORKS, P531
[12]  
Joshi S., 2005, Proceedings of the 43rd annual Southeast regional conference-Volume, P98
[13]  
Lee W., 2000, ACM Transactions on Information and Systems Security, V3, P227, DOI 10.1145/382912.382914
[14]  
Ourston D., 2002, P 36 HAW INT C SYST, V9, P334
[15]   A TUTORIAL ON HIDDEN MARKOV-MODELS AND SELECTED APPLICATIONS IN SPEECH RECOGNITION [J].
RABINER, LR .
PROCEEDINGS OF THE IEEE, 1989, 77 (02) :257-286
[16]   Handling nominal features in anomaly intrusion detection problems [J].
Shyu, ML ;
Sarinnapakorn, K ;
Kuruppu-Appuhamilage, I ;
Chen, SC ;
Chang, LW ;
Goldring, T .
15th International Workshop on Research Issues in Data Engineering: Stream Data Mining and Applications, Proceedings, 2005, :55-62
[17]   Anomaly Detection via Feature-Aided Tracking and Hidden Markov Models [J].
Singh, Satnam ;
Tu, Haiying ;
Donat, William ;
Pattipati, Krishna ;
Willett, Peter .
IEEE TRANSACTIONS ON SYSTEMS MAN AND CYBERNETICS PART A-SYSTEMS AND HUMANS, 2009, 39 (01) :144-159
[18]   Credit card fraud detection using hidden Markov model [J].
Srivastava, Abhinav ;
Kundu, Amlan ;
Sural, Shamik ;
Majumdar, Arun K. .
IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING, 2008, 5 (01) :37-48
[19]  
UCI KDD Archive, KDD CUP 1999 DAT
12