CFP last date
20 December 2024
Reseach Article

Incorporating Hidden Markov Model into Anomaly Detection Technique for Network Intrusion Detection

by J. Chandrakanta Badajena, Chinmayee Rout
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 53 - Number 11
Year of Publication: 2012
Authors: J. Chandrakanta Badajena, Chinmayee Rout
10.5120/8469-2395

J. Chandrakanta Badajena, Chinmayee Rout . Incorporating Hidden Markov Model into Anomaly Detection Technique for Network Intrusion Detection. International Journal of Computer Applications. 53, 11 ( September 2012), 42-47. DOI=10.5120/8469-2395

@article{ 10.5120/8469-2395,
author = { J. Chandrakanta Badajena, Chinmayee Rout },
title = { Incorporating Hidden Markov Model into Anomaly Detection Technique for Network Intrusion Detection },
journal = { International Journal of Computer Applications },
issue_date = { September 2012 },
volume = { 53 },
number = { 11 },
month = { September },
year = { 2012 },
issn = { 0975-8887 },
pages = { 42-47 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume53/number11/8469-2395/ },
doi = { 10.5120/8469-2395 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%1 2024-02-06T20:53:52.996009+05:30
%A J. Chandrakanta Badajena
%A Chinmayee Rout
%T Incorporating Hidden Markov Model into Anomaly Detection Technique for Network Intrusion Detection
%J International Journal of Computer Applications
%@ 0975-8887
%V 53
%N 11
%P 42-47
%D 2012
%I Foundation of Computer Science (FCS), NY, USA
Abstract

Now-a-days to increase the computation efficiency distributed systems are used in which the computing resources are shared among several systems. Such openness of distributed system leads to increase in potential attacks on the hardware and software by exploration of system vulnerability. This paper presents implementation of Intrusion Detection System (IDS) to model the behavior of users using Hidden Markov Model (HMM). This model attempts to detect intrusive attack efficiently. The IDS is an identification system which can be characterized by probabilities of false acceptance and false rejection. False acceptance means that the IDS allow intruders to continue their activity. False rejection means that the IDS stops the activity of a legitimate user. IDS can be developed by adoption of an appropriate mathematical model that allows us to generate user profiles efficiently and facilitates an effective and accurate decision-making process for intrusion detection. Due to the nondeterministic nature of user behavior, the decision about intrusive or nonintrusive behavior must take into account all evidence for and against the claim. So the probabilistic approach is to be implemented to model user profile to detect attack.

References
  1. Barford P. , Kline J. , Plonka D. , Ron A. : A Signal Analysis of N e t wo r k Tr a f fi c An o ma l i e s , Proc. of the 2nd ACMSIGCOMM Workshop on Internet Measurements, 71 - 82 (2002)
  2. Biswanath Mukherjee, Todd L. Heberlein, and Karl N. Levitt. Network intrusion detection, IEEE Network, 8(3): 26-41,May/June 1994
  3. Cisco Systems, Inc. , "Defining strategies to protect against TCP SYN denial of service attacks," July 1999, http://www. cisco. com/warp/ public /707 /4. html.
  4. Hajji H. Statistical Analysis of Network Traffic for Adaptive Faults detection. IEEE Trans. Vol. 16, no. 5, 1053- 1063 (2005)
  5. J. Mirkovic, G. Prier, and P. Reiher, "Attacking ddos at the source," 2002.
  6. KDD Cup1999 Data, Information and Compter Science, University of California, Irvine. http:// kdd. ics. uci. edddatabases/kddcup99/kddcup99 . html
  7. Kevin J. Houle and George M. Weaver, "Trends in denial of service attack technology," http://www. cert. org /archive /pdf/DoStrends. pdf, October 2001.
  8. Kim S. S. Reddy A. : Statistical Techniques for Detecting Traffic Anomalies Through Packet Header Data. Accepted by IEEE/ACM Tran. Networking (2008)
  9. L. Lee W. , Xiang D. : Information-Theoretic Measures for Anomaly Detection. Proc. Of IEEE Symposium on security and privacy. (2001)
  10. Nong Ye,Xiangyang Li,Qiang chen, Sayed Masum Emran and Ming ming Xu "Probabilistic Techniques for Intrusion Detection Based on Computer Audit Data. " IEEE Transaction Systems, mans and cybernetics
  11. S. Bellovin, "Distributed denial of service attacks," Feb. 2000, http://www. research. att. com /~smb/talks.
  12. Sung-Bae Cho, "Incorporating soft computing Techni ques Into a Probabilistic Intrusion Detection System" IEEE Transaction Systems, mans and cybernetics, Vol. 32, No. 2.
  13. Thotta M. , Ji C. : Anomaly Detection in IP Networks. IEEE Trans. Vol. 51, No. 8, 2191-2004 (2003)
  14. T. H. Ptacek and T. N. Newsham, "Insertion, evasion, and denial of service: eluding Network intrusion detection," Secure Networks, Inc. , Jan. 1998
  15. Yang Y. , eng F. , Yang H. : An unsupervised Anomaly Detection Approach using Subtractive Clustering and Hidden Markov Model. Communications and Networking in China. (2007)
Index Terms

Computer Science
Information Sciences

Keywords

Intrusion detection System Anomaly detection technique Hidden Markov Model KDD Cup 1999 data set