DocumentCode :
2138423
Title :
A new anomaly detection method based on hierarchical HMM
Author :
Zhang, Xiaoqiang ; Fan, Pingzhi ; Zhu, Zhongliang
Author_Institution :
Sch. of Comput. & Commun. Eng., Southwest Jiaotong Univ., Chengdu, China
fYear :
2003
fDate :
27-29 Aug. 2003
Firstpage :
249
Lastpage :
252
Abstract :
The state transition, which is hidden in the hidden Markov model (HMM), can be used to characterize the intrinsic difference between normal action and intrusion behavior. So HMM is an efficient way to detect anomalies. A new anomaly detection method based on a hierarchical HMM is proposed based on the concept of normal database and abnormal database. It is shown by analysis and simulation results that the proposed method is effective to increase the accuracy of anomaly detection.
Keywords :
alarm systems; authorisation; database management systems; hidden Markov models; safety systems; IDS; abnormal database; anomaly detection method; hidden Markov model; hierarchical HMM; intrusion behavior; intrusion detection system; normal database; state transition; Analytical models; Data mining; Databases; Hidden Markov models; Intrusion detection; Neural networks; Pattern recognition; Power system modeling; Support vector machines; Viterbi algorithm;
fLanguage :
English
Publisher :
ieee
Conference_Titel :
Parallel and Distributed Computing, Applications and Technologies, 2003. PDCAT'2003. Proceedings of the Fourth International Conference on
Print_ISBN :
0-7803-7840-7
Type :
conf
DOI :
10.1109/PDCAT.2003.1236299
Filename :
1236299
Link To Document :
https://search.ricest.ac.ir/dl/search/defaultta.aspx?DTC=49&DC=2138423
بازگشت