Using Hidden Markov Models to Evaluate the Risks of Intrusions System Architecture and Model Validation

机译：使用隐马尔可夫模型评估入侵系统架构和模型验证的风险

获取原文

获取原文并翻译 | 示例

页面导航

摘要
著录项
相似文献
相关主题

摘要

Security-oriented risk assessment tools are used to determine the impact of certain events on the security status of a network. Most existing approaches are generally limited to manual risk evaluations that are not suitable for real-time use. In this paper, we introduce an approach to network risk assessment that is novel in a number of ways. First of all, the risk level of a network is determined as the composition of the risks of individual hosts, providing a more precise, fine-grained model. Second, we use Hidden Markov models to represent the likelihood of transitions between security states. Third, we tightly integrate our risk assessment tool with an existing framework for distributed, large-scale intrusion detection, and we apply the results of the risk assessment to prioritize the alerts produced by the intrusion detection sensors. We also evaluate our approach on both simulated and real-world data.

机译：面向安全的风险评估工具用于确定某些事件对网络安全状态的影响。大多数现有方法通常限于不适合实时使用的手动风险评估。在本文中，我们介绍了一种以多种方式新颖的网络风险评估方法。首先，将网络的风险级别确定为单个主机的风险组成，从而提供更精确，更细粒度的模型。其次，我们使用隐马尔可夫模型来表示安全状态之间转换的可能性。第三，我们将风险评估工具与用于分布式，大规模入侵检测的现有框架紧密集成在一起，并且我们将风险评估的结果用于对入侵检测传感器产生的警报进行优先级排序。我们还将评估我们在模拟和真实数据上的方法。

著录项

来源
《International Symposium on Recent Advances in Intrusion Detection(RAID 2006); 20060920-22; Hamburg(DE)》|2006年|145-164|共20页
会议地点 Hamburg(DE)
作者
Andre Arnes; Fredrik Valeur; Giovanni Vigna; Richard A. Kemmerer;
展开▼
作者单位

Centre for Quantifiable Quality of Service in Communication Systems Norwegian University of Science and Technology O.S. Bragstads plass 2E, N-7491 Trondheim, Norway;

展开▼
会议组织
原文格式 PDF
正文语种 eng
中图分类安全保密;
关键词
risk assessment; intrusion detection; hidden markov modeling;

机译：风险评估;入侵检测;隐藏的马尔可夫建模;

相似文献

外文文献
中文文献
专利

1. An optic-fiber fence intrusion recognition system using mixture Gaussian hidden Markov models [J] . Zhixian Ma, Yao Liang, Jie Zhu IEICE Electronics Express . 2017,第5期

机译：基于混合高斯隐马尔可夫模型的光纤围栏入侵识别系统
2. HMMPayl: An intrusion detection system based on Hidden Markov Models [J] . Davide Ariu, Roberto Tronci, Giorgio Giacinto Computers & Security . 2011,第4期

机译：HMMPayl：基于隐马尔可夫模型的入侵检测系统
3. Intrusion Detection Based on Dynamic Behavior Modeling: Reinforcement Learning versus Hidden Markov Models [J] . Xin Xu International Journal of Computational I . 2017,第1期

机译：基于动态行为建模的入侵检测：强化学习与隐马尔可夫模型
4. Using Hidden Markov Models to Evaluate the Risks of Intrusions System Architecture and Model Validation [C] . Andre Arnes, Fredrik Valeur, Giovanni Vigna, International Symposium on Recent Advances in Intrusion Detection(RAID 2006); 20060920-22; Hamburg(DE) . 2006

机译：使用隐马尔可夫模型评估入侵系统架构和模型验证的风险
5. An attacker intention discovery layer for intrusion detection systems using hidden Markov models [D] . Koskei, Jordan Kiprop 2011

机译：使用隐马尔可夫模型的入侵检测系统的攻击者意图发现层
6. Nonparametric model validations for hidden Markov models with applications in financial econometrics [O] . Zhibiao Zhao -1

机译：隐藏马尔可夫模型的非参数模型验证在金融计量经济学中的应用程序
7. DIPS: A Framework for Distributed Intrusion Prediction and Prevention Using Hidden Markov Models and Online Fuzzy Risk Assessment [O] . Kjetil Haslum, Ajith Abraham, Svein Knapskog 2008

机译：DIps：使用隐马尔可夫模型和在线模糊风险评估的分布式入侵预测和预防框架
8. Detection and Classification of Network Intrusions Using Hidden Markov Models [R] . Radosavac, S. 2002

机译：基于隐马尔可夫模型的网络入侵检测与分类

Using Hidden Markov Models to Evaluate the Risks of Intrusions System Architecture and Model Validation

摘要

著录项

相似文献

相关主题

期刊订阅