Sulaiman Alhaidari, Ali I. Alharbi, Mansour Alshaikhsaleh, M. Zohdy, D. Debnath
Title: Network Traffic Anomaly Detection based on Viterbi Algorithm Using SNMP MIB Data
Published in: Proceedings of the 2019 3rd International Conference on Information System and Data Mining
Publication date: 2019-04-06
DOI: 10.1145/3325917.3325928 (https://doi.org/10.1145/3325917.3325928)
Citations: 10
Abstract
With the growing number of attacks and malicious threats against Internet services and network infrastructures, the need for techniques to identify and detect attacks is increasing. One of the most critical attacks on cyber security, and a serious security threat to Internet services in recent years, is Denial of Service (DoS). Therefore, using machine learning techniques alongside traditional security mechanisms such as firewalls and cryptography can improve the performance of intrusion detection systems (IDSs). This research paper introduces an approach using a Hidden Markov Model (HMM) based on the Viterbi algorithm for detecting anomalies in an SNMP MIB dataset, and compares it to two classification algorithms: AdaBoost M1 and Naive Bayes. The obtained results show that the HMM based on the Viterbi algorithm was effective and achieved great results in detecting the attacks, with a high detection rate.