Contemporary sequential network attacks prediction using hidden Markov model
Timothy Chadza
Kostas Kyriakopoulos
Sangarapillai Lambotharan
2134/38322
https://repository.lboro.ac.uk/articles/conference_contribution/Contemporary_sequential_network_attacks_prediction_using_hidden_Markov_model/9547751
Intrusion prediction is a key task for forecasting
network intrusions. Intrusion detection systems have been
primarily deployed as a first line of defence in a network,
however; they often suffer from practical testing and evaluation
due to unavailability of rich datasets. This paper evaluates
the detection accuracy of determining all states (AS), the
current state (CS), and the prediction of next state (NS) of
an observation sequence, using the two conventional Hidden
Markov Model (HMM) training algorithms, namely, Baum
Welch (BW) and Viterbi Training (VT). Both BW and VT were
initialised using uniform, random and count-based parameters
and the experiment evaluation was conducted on the CSE-CICIDS2018 dataset. Results show that the BW and VT countbased initialisation techniques perform better than uniform and
random initialisation when detecting AS and CS. In contrast,
for NS prediction, uniform and random initialisation techniques
perform better than BW and VT count-based approaches.
2019-07-12 12:26:03
Intrusion prediction
Hidden Markov model
Baum Welch
Viterbi training
CSE-CIC-IDS2018 dataset
Mechanical Engineering not elsewhere classified