A New Intrusion Detection Technology by Markov Chain

Author

Cao Lai-Cheng

Author_Institution

Sch. of Comput. & Commun., Lanzhou Univ. of Technol., Lanzhou, China

Volume

1

fYear

2009

fDate

7-8 Nov. 2009

Firstpage

296

Lastpage

300

Abstract

In order to reduce wrong detection intrusions, missed intrusions and poor real-time performance. An intrusion detection method based on Markov chain was presented. For every network packet, three major groups of features were extracted, and feature sequence was matched into the state of Markov process. Then anomaly activity of network could be detected by constructing Markov chain. Moreover, using a dynamic load-balancing algorithm, it could avoid packet loss in high-performance network and process heavy traffic loads in real-time. Experiment analysis proves that this intrusion detection method has relatively low false positive rate and false negative rate.

Keywords

Markov processes; feature extraction; security of data; Markov chain; dynamic load-balancing algorithm; feature extraction; intrusion detection technology; network packet; packet loss avoidance; real-time performance; Artificial intelligence; Computer network reliability; Computer networks; Detectors; Feature extraction; Heuristic algorithms; Intrusion detection; Packet switching; Telecommunication computing; Telecommunication traffic; dynamic load-balancing algorithm; false negative rate; false positive rate; intrusion detection; markov chain;

fLanguage

English

Publisher

ieee

Conference_Titel

Artificial Intelligence and Computational Intelligence, 2009. AICI '09. International Conference on

Conference_Location

Shanghai

Print_ISBN

978-1-4244-3835-8

Electronic_ISBN

978-0-7695-3816-7

Type

conf

DOI

10.1109/AICI.2009.25

Filename

5376156