Multi-Stage Intrusion Detection System Using Hidden Markov Model Algorithm

Author(s): Do-hyeon Lee ◽ Doo-young Kim ◽ Jae-il Jung

2012 ◽ Vol 4 ◽ pp. 506-514
Author(s): Nagaraju Devarakonda ◽ Srinivasulu Pamidi ◽ V. Valli Kumari ◽ A. Govardhan

2012 ◽ Vol 263-266 ◽ pp. 2949-2952
Author(s): Xiu Mei Wei ◽ Xue Song Jiang ◽ Xin Gang Wang

Along with the development of the Internet of Things (IOT), there are a lot of increasingly serious security problems. The traditional intrusion detection method cannot adapt to the requirements of IOT. In this paper we advance a new intrusion detection method which can adapt to IOT. It is based on the Hidden Markov Model (HMM) and is named the Hidden Markov state time delay sequence embedding (HMMSTdse) method.


Author(s): Sanjana Gawali ◽ Prerana Agale ◽ Sandhya Ghorpade ◽ Rutuja Gawade ◽ Prabodh Nimat

Security has recently been widely recognized as a critical issue in wireless communication networks, because the openness of the wireless medium allows unintended receivers, i.e., intruders, to potentially eavesdrop on the transmitted messages. Unauthorized access by an intruder can be monitored by an intrusion detection system. Machine learning algorithms such as the Hidden Markov Model and the Extreme Gradient Boost algorithm can be used for intrusion detection based on the CICIDS dataset. Based on the dataset, the algorithms create classifiers of signatures of a particular attack. These trained classifiers are tested against user data for intrusion detection. The system reports attacks in the network. Here, the XGBoost classifier gives higher accuracy compared to the HMM classifier.


2018 ◽ Vol 1 (1) ◽ pp. 265-286
Author(s): Wondimu Zegeye ◽ Richard Dean ◽ Farzad Moazzami

The all-IP nature of the next generation (5G) networks is going to open a lot of doors for new vulnerabilities, and preventing the risk associated with them is going to be challenging. The majority of these vulnerabilities might be impossible to detect with simple network traffic monitoring tools. Intrusion Detection Systems (IDS) which rely on machine learning and artificial intelligence can significantly improve network defense against intruders. This technology can be trained to learn and identify uncommon patterns in massive volumes of traffic and notify system administrators, using means such as alert flags, for additional investigation. This paper proposes an IDS design which makes use of machine learning algorithms such as the Hidden Markov Model (HMM) using a multi-layer approach. This approach has been developed and verified to resolve the common flaws in the application of HMM to IDS, commonly referred to as the curse of dimensionality. It factors a huge problem of immense dimensionality into a discrete set of manageable and reliable elements. The multi-layer approach can be expanded beyond 2 layers to capture multi-phase attacks over longer spans of time. A pyramid of HMMs can resolve disparate digital events and signatures across protocols and platforms into actionable information, where lower layers identify discrete events (such as a network scan) and higher layers identify new states which are the result of multi-phase events of the lower layers. The concepts of this novel approach have been developed but the full potential has not been demonstrated.


2019 ◽ Vol 21 (4) ◽ pp. 14-26
Author(s): Priti Narwal ◽ Deepak Kumar ◽ Shailendra N. Singh

Cloud computing has evolved as a new paradigm for management of an infrastructure and gained ample consideration in both industrial and academic areas of research. A hidden Markov model (HMM) combined with Markov games can give a solution that may act as a countermeasure for many cyber security threats and malicious intrusions in a network or in a cloud. An HMM can be trained by using training sequences that may be obtained by analyzing the file traces of a packet analyzer such as the Wireshark network analyzer. In this article, the authors have proposed a model in which an HMM can be built using a set of training examples that are obtained by using a network analyzer (i.e., Wireshark). As it is not an intrusion detection system, the obtained file traces may be used as training examples to test an HMM model. It also predicts a probability value for each tested sequence and states if the sequence is anomalous or not. A numerical example is also shown in this article that calculates the most optimal sequence of observations for both HMM and state sequence probabilities in case an HMM model is already given.

