Title :
HMM-based integration of multiple models for intrusion detection
Author :
Xiuqing, Chen ; Ongping, Zhang Y. ; Jiutao, Tang
Author_Institution :
Sch. of Comput. Sci. & Technol., China Univ. of Min. & Technol., Xuzhou, China
Abstract :
In this paper, a novel intrusion detection system based on a hidden Markov model is proposed; it analyzes data with a Fast Adaptive Clustering Algorithm and combines the characteristics of dynamic adaption and sniffing from multiple models. The proposed detection model combines qualities from these categories: anomaly detection and misuse detection. The proposed mechanism not only takes responsibility for collecting and detecting all of the desired information at each stage, but also uses a specific clustering algorithm to indicate the significance of the possible influence of each set of clustered data. All of the clustered data and detected normal/abnormal signals are transferred to the database of the anomaly detection model for further integrated evaluation of those multiple observed factors, based on the hidden Markov model algorithm. The experimental results with the KDD Cup99 data sets demonstrate that the proposed IDS mechanism has good efficiency and a high detection rate.
Keywords :
hidden Markov models; pattern clustering; security of data; KDD Cup99 data sets; anomaly detection; detection rate; dynamic adaption; fast adaptive clustering algorithm; hidden Markov model; integrated evaluation; intrusion detection system; misuse detection; multiple models; multiple observing factors; sniffing; Adaptation model
Conference_Title :
Advanced Computer Theory and Engineering (ICACTE), 2010 3rd International Conference on
Conference_Location :
Chengdu
Print_ISBN :
978-1-4244-6539-2
DOI :
10.1109/ICACTE.2010.5579109