The hidden Markov methodology, given particular care in parameter estimation and the training phase, represents a powerful finite state machine suitable for various recognition problems. This paper investigates the capabilities of this methodology in anomaly-based intrusion detection. Model training is performed using the ML criterion, based on the gradient method. Since attack recognition is treated as a decoding problem, the MAP and the max log MAP algorithms, combined with the gradient-based method, were applied. A comparison between these two decoding algorithms as a strategy in an anomaly-based IDS is presented as well.