HMMs for Optimal Detection of Cybernet Attacks
Authors
Abstract
The rapid detection of attackers within firewalls of computer networks is of paramount importance. Anomaly detectors address this problem by quantifying deviations from baseline statistical models of normal network behavior. However, anomaly detectors have many false positives, severely limiting their practical utility. To circumvent this problem, we need to evaluate both the likelihood of observed network behavior given that no attacker is present (as in anomaly detectors) and the likelihood given that an attacker is present. Any realistic stochastic model for behavior of a compromised network must work in continuous time, with many
Similar resources
Intrusion Detection in Wireless Sensor Networks using Genetic Algorithm
Wireless sensor networks, due to the characteristics of sensors such as wireless communication channels, the lack of infrastructure and targeted threats, are very vulnerable to the various attacks. Routing attacks on the networks, where a malicious node from sending data to the base station is perceived. In this article, a method that can be used to transfer the data securely to prevent attacks...
Defending DDoS Attacks Using Hidden Markov Models and Cooperative Reinforcement Learning
In recent years, distributed denial of service (DDoS) attacks have brought increasing threats to the Internet since attack traffic caused by DDoS attacks can consume lots of bandwidth or computing resources on the Internet and the availability of DDoS attack tools has become more and more easy. However, due to the similarity between DDoS attack traffic and transient bursts of normal traffic, it...
HMM Sequential Hypothesis Tests for Intrusion Detection in MANETs Extended Abstract
Most of the work for securing the routing protocols of mobile ad hoc wireless networks has been done in prevention. Intrusion detection systems play a complementary role to that of prevention for dealing with malicious insiders, incorrect implementation and attack models. We present a statistical framework that allows the incorporation of prior information about the normal behavior of the netwo...
Moving dispersion method for statistical anomaly detection in intrusion detection systems
A unified method for statistical anomaly detection in intrusion detection systems is theoretically introduced. It is based on estimating a dispersion measure of numerical or symbolic data on successive moving windows in time and finding the times when a relative change of the dispersion measure is significant. Appropriate dispersion measures, relative differences, moving windows, as well as tec...
Intrusion Detection Using Evolutionary Hidden Markov Model
Intrusion detection systems are responsible for diagnosing and detecting any unauthorized use of the system, exploitation or destruction, which is able to prevent cyber-attacks using the network package analysis. One of the major challenges in the use of these tools is lack of educational patterns of attacks on the part of the engine analysis; engine failure that caused the complete training, ...
Journal title:
Volume, issue
Pages -
Publication date: 2014