Title :
A HMM-based method for anomaly detection
Author :
Wang, Fei ; Zhu, Hongliang ; Tian, Bin ; Xin, Yang ; Niu, Xinxin ; Yang, Yu
Author_Institution :
State Key Lab. of Networking & Switching Technol., Beijing Univ. of Posts & Telecommun., Beijing, China
Abstract :
Intrusion-detection systems (IDSs) are essential tools for the security of computer systems. Anomaly detection, which uses knowledge about normal behaviors and attempts to detect intrusions by noting significant deviations, has been paid more and more attention. In this paper, we introduce a HMM-based method for anomaly detection. The proposed method is composed of two important stages: off-line training stage and on-line testing stage. In the off-line training stage, we train the normal behaviors by hidden Markov models (HMMs). In the on-line testing stage, we make the final decision based on the minimum risk Bayesian decision theory. We deploy the method on an IDS system to evaluate its performance, and the experimental results demonstrate that our method can achieve satisfying results.
Keywords :
Bayes methods; decision theory; hidden Markov models; security of data; HMM-based method; IDS system; anomaly detection; computer system security; hidden Markov models; intrusion-detection system; minimum risk Bayesian decision theory; off-line training stage; on-line testing stage; Accuracy; Hidden Markov models; Intrusion detection; Testing; Training; Training data; Vectors; Hidden Markov Model; Intrusion detection; Network security; anomaly detection;
Conference_Titel :
Broadband Network and Multimedia Technology (IC-BNMT), 2011 4th IEEE International Conference on
Conference_Location :
Shenzhen
Print_ISBN :
978-1-61284-158-8
DOI :
10.1109/ICBNMT.2011.6155940
