A HMM-based method for anomaly detection

Intrusion-detection systems (IDSs) are essential tools for the security of computer systems. Anomaly detection, which uses knowledge about normal behaviors and attempts to detect intrusions by noting significant deviations, has been paid more and more attention. In this paper, we introduce a HMM-bas...

Full description

Saved in:
Bibliographic Details
Published in2011 4th IEEE International Conference on Broadband Network and Multimedia Technology pp. 276 - 280
Main Authors Fei Wang, Hongliang Zhu, Bin Tian, Yang Xin, Xinxin Niu, Yu Yang
Format Conference Proceeding
LanguageEnglish
Published IEEE 01.10.2011
Subjects
Accuracy
anomaly detection
Hidden Markov Model
Hidden Markov models
Intrusion detection
Network security
Testing
Training
Training data
Vectors
Online AccessGet full text
ISBN9781612841588
1612841589
DOI10.1109/ICBNMT.2011.6155940

Cover

More Information
Summary:Intrusion-detection systems (IDSs) are essential tools for the security of computer systems. Anomaly detection, which uses knowledge about normal behaviors and attempts to detect intrusions by noting significant deviations, has been paid more and more attention. In this paper, we introduce a HMM-based method for anomaly detection. The proposed method is composed of two important stages: off-line training stage and on-line testing stage. In the off-line training stage, we train the normal behaviors by hidden Markov models (HMMs). In the on-line testing stage, we make the final decision based on the minimum risk Bayesian decision theory. We deploy the method on an IDS system to evaluate its performance, and the experimental results demonstrate that our method can achieve satisfying results.
ISBN:9781612841588
1612841589
DOI:10.1109/ICBNMT.2011.6155940