• DocumentCode
    2138423
  • Title

    A new anomaly detection method based on hierarchical HMM

  • Author

    Zhang, Xiaoqiang ; Fan, Pingzhi ; Zhu, Zhongliang

  • Author_Institution
    Sch. of Comput. & Commun. Eng., Southwest Jiaotong Univ., Chengdu, China
  • fYear
    2003
  • fDate
    27-29 Aug. 2003
  • Firstpage
    249
  • Lastpage
    252
  • Abstract
    The state transition, which is hidden in the hidden Markov model (HMM), can be used to characterize the intrinsic difference between normal action and intrusion behavior. So HMM is an efficient way to detect anomalies. A new anomaly detection method based on a hierarchical HMM is proposed based on the concept of normal database and abnormal database. It is shown by analysis and simulation results that the proposed method is effective to increase the accuracy of anomaly detection.
  • Keywords
    alarm systems; authorisation; database management systems; hidden Markov models; safety systems; IDS; abnormal database; anomaly detection method; hidden Markov model; hierarchical HMM; intrusion behavior; intrusion detection system; normal database; state transition; Analytical models; Data mining; Databases; Hidden Markov models; Intrusion detection; Neural networks; Pattern recognition; Power system modeling; Support vector machines; Viterbi algorithm;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Parallel and Distributed Computing, Applications and Technologies, 2003. PDCAT'2003. Proceedings of the Fourth International Conference on
  • Print_ISBN
    0-7803-7840-7
  • Type

    conf

  • DOI
    10.1109/PDCAT.2003.1236299
  • Filename
    1236299
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=2138423