{"title":"Research on Prediction of Attack Behavior Based on HMM","authors":"Sen Jing, Min Li, Yue Sun, Yue Zhang","doi":"10.1109/IMCEC51613.2021.9482334","DOIUrl":null,"url":null,"abstract":"Compound attacks have become the most threatening form of network attacks. Intrusion detection systems can detect attacks but cannot predict attacks. In order to more accurately reflect the network security situation, this paper analyzes the shortcomings of traditional attack prediction algorithms, and proposes to establish a hidden Markov model based on the change of the host's security status with the change of the observation sequence. The Baum-Welch algorithm is used to optimize the configuration parameters of the evaluation model. Quantitative analysis is used to obtain the security situation of the entire network, and the parameters of the HMM model are optimized to make the calculation of the predicted attack probability more accurate and reduce the frequency of false alarms. In the experimental test based on real data, the feasibility of this method is verified.","PeriodicalId":240400,"journal":{"name":"2021 IEEE 4th Advanced Information Management, Communicates, Electronic and Automation Control Conference (IMCEC)","volume":"90 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2021-06-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2021 IEEE 4th Advanced Information Management, Communicates, Electronic and Automation Control Conference (IMCEC)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/IMCEC51613.2021.9482334","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 2
Abstract
Compound attacks have become the most threatening form of network attacks. Intrusion detection systems can detect attacks but cannot predict attacks. In order to more accurately reflect the network security situation, this paper analyzes the shortcomings of traditional attack prediction algorithms, and proposes to establish a hidden Markov model based on the change of the host's security status with the change of the observation sequence. The Baum-Welch algorithm is used to optimize the configuration parameters of the evaluation model. Quantitative analysis is used to obtain the security situation of the entire network, and the parameters of the HMM model are optimized to make the calculation of the predicted attack probability more accurate and reduce the frequency of false alarms. In the experimental test based on real data, the feasibility of this method is verified.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
