Hidden Markov Model (HMM) based applications are common in various areas, but the use of HMMs for anomaly detection is still in its infancy. This paper aims at classifying TCP network traffic as attack or normal using an HMM. The paper's main objective is to build an anomaly detection system: a predictive model capable of discriminating between normal and abnormal behavior of network traffic. In the training phase, special attention is given to the initialization and model selection issues, which makes the training phase particularly effective. For training the HMM, 12.195% of the total features (5 of the 41 features) present in the KDD Cup 1999 data set are used. Results of tests on the KDD Cup 1999 data set show that the proposed system is able to classify network traffic in proportion to the number of features used for training the HMM. We are extending our work to a larger data set for building an anomaly detection system.