Evolving Hidden Markov Models For Network Anomaly Detection

نویسندگان

  • Juan J. Flores
  • Juan M. Garcia
چکیده

This paper reports the results of a system that performs network anomaly detection through the use of Hidden Markov Models (HMMs). The HMMs used to detect anomalies are designed and trained using Genetic Algorithms (GAs). The use of GAs helps automating the use of HMMs, by liberating users from the need of statistical knowledge, assumed by software that trains HMMs from data. The number of states, connections and weights, and probability distributions of states are determined by the GA. Results are compared to those obtained with the Baum-Welch algorithm, proving that in all cases that we tested GA outperforms Baum-Welch. The best of the evolved HMMs was used to perform anomaly detection in network traffic activity with real data.

برای دانلود رایگان متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Anomaly Detection based on Probabilistic Properties of Hidden Markov Models

Due to increasing use of the Internet, there is a trend of increasing attacks over networks. Therefore, we have need of study for network anomaly detection and measurement scheme to network state. In this research, we propose a scheme for anomaly detection based on the traffic behavior of Hidden Markov Models. The proposed scheme detects anomalies in traffic using a time series. We decide wheth...

متن کامل

Evaluation of the Hidden Markov Model for Detection of P300 in EEG Signals

Introduction: Evoked potentials arisen by stimulating the brain can be utilized as a communication tool  between humans and machines. Most brain-computer interface (BCI) systems use the P300 component,  which is an evoked potential. In this paper, we evaluate the use of the hidden Markov model (HMM) for  detection of P300.  Materials and Methods: The wavelet transforms, wavelet-enhanced indepen...

متن کامل

Intrusion Detection Using Evolutionary Hidden Markov Model

Intrusion detection systems are responsible for diagnosing and detecting any unauthorized use of the system, exploitation or destruction, which is able to prevent cyber-attacks using the network package analysis. one of the major challenges in the use of these tools is lack of educational patterns of attacks on the part of the engine analysis; engine failure that caused the complete training,  ...

متن کامل

Modelling Intrusion Detection System using Hidden Markov Model: A Review

Information security has become a major concern to various businesses and organizations and requires an intelligent security system that can automatically detect the intrusions. An Intrusion Detection System (IDS) is used for this purpose. An Intrusion Detection System has become popular tool for observing patterns of activities in user accounts and detects malicious behaviour. Hidden Markov Mo...

متن کامل

About Some Applications of Hidden Markov Model in Intrusion Detection Systems

Intrusion detection systems (IDS) protect the computer networks such as a burglar alarm system against unauthorized access. The present paper introduces an approach to anomaly IDS based on Hidden Markov Models. The point is to process the sequences of system calls in order to distinguish the normal traces of system calls from abnormal ones. Simulations on Unix system data were accomplished and ...

متن کامل

ذخیره در منابع من

ذخیره در منابع من قبلا به منابع من ذحیره شده

{@ msg_add @}


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2009