Adaptive intrusion prevention algorithm based on HMM Model

Intrusion prevention technologies and mechanisms have been developed to enhance the network security. Model-based approach is one of the most promising approaches for intrusion prevention and intrusion detection, since it can reveal the hidden characteristic of time series. Hidden Markov Model (HMM)...

Celý popis

Uloženo v:
Podrobná bibliografie
Vydáno v:2011 International Conference on E-Business and E-Government s. 1 - 4
Hlavní autoři: Xiuqing, Chen, Yongping, Zhang, Yu, Guo
Médium: Konferenční příspěvek
Jazyk:angličtina
Vydáno: IEEE 01.05.2011
Témata:
Adaptation model
Clustering algorithms
Computational modeling
fast adaptive clustering algorithm
Hidden Markov Model
Hidden Markov models
Intrusion detection
intrusion prevention
network security
Training
ISBN:9781424486915, 1424486912
On-line přístup:Získat plný text
Tagy: Přidat tag
Žádné tagy, Buďte první, kdo vytvoří štítek k tomuto záznamu!
Popis
Shrnutí:Intrusion prevention technologies and mechanisms have been developed to enhance the network security. Model-based approach is one of the most promising approaches for intrusion prevention and intrusion detection, since it can reveal the hidden characteristic of time series. Hidden Markov Model (HMM) is a main time series model. In the implement of the intrusion prevention mechanism, the combination of fast adaptive clustering algorithm and intrusion prevention algorithm is used to redetection, which can adaptively update model, and raise speed of detection. Experimental results with the KDD Cup99 data sets demonstrate that false positive rate of the detection algorithm is lower than conventional model-based detection algorithm, while the detection rate is still kept in a good state.
ISBN:9781424486915
1424486912
DOI:10.1109/ICEBEG.2011.5876661