Abstract
With the growing amount and kinds of network intrusion, multi-stage attack is becoming the one of the main methos of the network security threaten. The hidden Markov model is a kind of probabilistic model, which is widely used in speech recognition, text and image processing. In this paper, a Multi-stage Attack Detection Algorithm Based on Hidden Markov Model is proposed.And inorder to improve the performance of this algorithm,aother algorithm aims at false positive filter is also put forward. Experiments show that the algorithm has good perfomance in multi-stage attack detection.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
Symantec Global Internet Security Threat Report trends, http://eval.symantec.com/mktginfo/enterprise/white_papers/bwhitepaper_internet_security_threat_report_xiv_04-2009.en-us.pdf
Symantec Internet Security Threat Reaport, http://www.symantec.com/zh/cn/theme.jsp?themeid=istr
Li, W.: Study on Method of network Multi-stage Attack Plan Recognition, Wu Han (2007)
Lindqvist, U., Porras, P.A.: Detecting computer and network misuse throughproduction-based exstemsy system toolset (P-BEST). In: Proceedings of the IEEE Comuter Society Symposium on Research in Security and Privacy, pp. 146–161. IEEE Press, Washington, D.C. (1999)
Liang, Y., Zhou, J., Yan, P.: Network Intrusion Detection System Based on CPN and Mobile Agent. J. Computer Engineering 16, 106–108 (2003)
Sun, Y., Zhong, Q., Su, J.: Research on Intention Recognition Based on HMM. J. Computer Engineering & Science 29(8), 19–22 (2007)
Balthrop, J., Esponda, F., Forrest, S., et al.: Coverage and Generalization in an Artificial Immune System. In: Proceedings of the Genetic and Evolutionary Computation Conference, pp. 3–10. Morgan Kaufmann, New York (2002)
Valdes, A., Skinner, K.: Adaptive, Model-Based Monitoring for Cyber Attack Detection. In: Debar, H., Mé, L., Wu, S.F. (eds.) RAID 2000. LNCS, vol. 1907, pp. 80–92. Springer, Heidelberg (2000)
Pietraszek, T., Tanner, A.: Data mining and machine learning-Towards reducing false positives in intrusion detection. Information Security Technical Report 10, 169–183 (2005)
Templeton, S.J., Levitt, K.: A requires/provides model for computer attacks. In: Proceedings of the New Security Paradigms Workshop 2000, Cork Ireland, pp. 31–38 (2000)
Zhong, A.M., Jia, C.F.: Study on the application of hidden Markov models to computer intrusion detection. In: Proceedings of the 5th World Congress on Intelligent Control and Automation, pp. 4352–4357 (2004)
Chen, X., Wen, Z.: The Research on Network Intrusion Detection Method Based on RBF-HMM. J. Network Security 1, 9–11 (2011)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2012 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Luktarhan, N., Jia, X., Hu, L., Xie, N. (2012). Multi-stage Attack Detection Algorithm Based on Hidden Markov Model. In: Wang, F.L., Lei, J., Gong, Z., Luo, X. (eds) Web Information Systems and Mining. WISM 2012. Lecture Notes in Computer Science, vol 7529. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-33469-6_37
Download citation
DOI: https://doi.org/10.1007/978-3-642-33469-6_37
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-33468-9
Online ISBN: 978-3-642-33469-6
eBook Packages: Computer ScienceComputer Science (R0)