Intrusion prediction is a key task for forecasting
network intrusions. Intrusion detection systems have been
primarily deployed as a first line of defence in a network,
however; they often suffer from practical testing and evaluation
due to unavailability of rich datasets. This paper evaluates
the detection accuracy of determining all states (AS), the
current state (CS), and the prediction of next state (NS) of
an observation sequence, using the two conventional Hidden
Markov Model (HMM) training algorithms, namely, Baum
Welch (BW) and Viterbi Training (VT). Both BW and VT were
initialised using uniform, random and count-based parameters
and the experiment evaluation was conducted on the CSE-CICIDS2018 dataset. Results show that the BW and VT countbased initialisation techniques perform better than uniform and
random initialisation when detecting AS and CS. In contrast,
for NS prediction, uniform and random initialisation techniques
perform better than BW and VT count-based approaches.
Funding
This work has been supported by the Gulf Science, Innovation and Knowledge Economy Programme of the UK Government under UK-Gulf Institutional Link grant IL 279339985.
History
School
Mechanical, Electrical and Manufacturing Engineering
Published in
17th International Conference on Privacy, Security, and Trust (PST 2019)
Citation
CHADZA, T.A., KYRIAKOPOULOS, K.G. and LAMBOTHARAN, S., 2019. Contemporary sequential network attacks prediction using hidden Markov model. Presented at the 17th International Conference on Privacy, Security, and Trust (PST 2019), Fredericton, NB, Canada, 26-28th August.