A Detection Approach of User Behaviors Based on HsMM
نویسندگان
چکیده
Abstract: It is difficult for the existing anomaly detection methods to distinguish the burst of normal traffic from the anomalous traffic in a large-scale web site. This paper extends the current Hidden semi-Markov Model (HsMM) that is used for single sequence of observations to the HsMM with multiple sequences of observations, and proposes a detection approach on user behaviors based on this extended HsMM. Two new on-line algorithms are proposed in this approach to solve the problems that we have incomplete training data and need an algorithm for on-line updating of the model parameters. By conducting an experiment with a real traffic data, this approach shows that it is not only suitable for describing the characteristics of the access behaviors of users, but also effective in measuring the degree of normality of the user behaviors.
منابع مشابه
Application of Combined Local Object Based Features and Cluster Fusion for the Behaviors Recognition and Detection of Abnormal Behaviors
In this paper, we propose a novel framework for behaviors recognition and detection of certain types of abnormal behaviors, capable of achieving high detection rates on a variety of real-life scenes. The new proposed approach here is a combination of the location based methods and the object based ones. First, a novel approach is formulated to use optical flow and binary motion video as the loc...
متن کاملA Novel Multi-user Detection Approach on Fluctuations of Autocorrelation Estimators in Non-Cooperative Communication
Recently, blind multi-user detection has become an important topic in code division multiple access (CDMA) systems. Direct-Sequence Spread Spectrum (DSSS) signals are well-known due to their low probability of detection, and secure communication. In this article, the problem of blind multi-user detection is studied in variable processing gain direct-sequence code division multiple access (VPG D...
متن کاملA hybrid approach for database intrusion detection at transaction and inter-transaction levels
Nowadays, information plays an important role in organizations. Sensitive information is often stored in databases. Traditional mechanisms such as encryption, access control, and authentication cannot provide a high level of confidence. Therefore, the existence of Intrusion Detection Systems in databases is necessary. In this paper, we propose an intrusion detection system for detecting attacks...
متن کاملDesigning an Intelligent Intrusion Detection System in the Electronic Banking Industry Using Fuzzy Logic
One of the most important obstacles to using Internet banking is the lack of Stability of transactions and some misuse in the course of transactions it is financial. That is why preventing unauthorized access Crime detection is one of the major issues in financial institutions and banks. In this article, a system of intelligence has been designed that recognizes Suspicious and unusual behaviors...
متن کاملAnomaly Detection on User Browsing Behaviors for Prevention App_ddos
Some of the hardest to mitigate distributed denial of service attacks (DDoS) are ones targeting the application layer. Over the time, researchers proposed many solutions to prevent denial of service attacks (DDoS) from IP and TCP layers instead of the application layer. New application Layer based DDoS attacks utilizing legitimate HTTP requests to overwhelm victim resources are more undetectabl...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2005