Machine learning techniques for the computer security domain of anomaly detection
Machine learning techniques for the computer security domain of anomaly detection
Lightweight monitoring of MPI programs in real time: Research Articles
Concurrency and Computation: Practice & Experience
Incremental estimation of discrete hidden Markov models based on a new backward procedure
AAAI'05 Proceedings of the 20th national conference on Artificial intelligence - Volume 2
A sense of self for Unix processes
SP'96 Proceedings of the 1996 IEEE conference on Security and privacy
Determining the operational limits of an anomaly-based intrusion detector
IEEE Journal on Selected Areas in Communications
| Hi-index | 0.00 |
Anomaly detection systems are developed by learning a baseline-model from a set of events captured from a computer system operating under normal conditions. The model is then used to recognize unusual activities as deviations from normality. Hidden Markov models (HMMs) are powerful probabilistic finite state machines that have been used to acquire these baseline-models. Although previous research has indicated that HMMs can effectively represent complex sequences, the traditional learning algorithm for HMMs is too computationally expensive for use with real-world anomaly detection systems. This paper describes the use of a novel incremental learning algorithm for HMMs that allows the efficient acquisition of anomaly detection models. The new learning algorithm requires less memory and training time than previous approaches for learning discrete HMMs and can be used to perform online learning of accurate baseline-models from complex computer applications to support anomaly detection.