一种新的基于层次HMM的异常检测方法

Proceedings of the Fourth International Conference on Parallel and Distributed Computing, Applications and Technologies Pub Date : 2003-10-20 DOI:10.1109/PDCAT.2003.1236299

Xiaoqiang Zhang, P. Fan, Zhongliang Zhu

{"title":"一种新的基于层次HMM的异常检测方法","authors":"Xiaoqiang Zhang, P. Fan, Zhongliang Zhu","doi":"10.1109/PDCAT.2003.1236299","DOIUrl":null,"url":null,"abstract":"The state transition, which is hidden in the hidden Markov model (HMM), can be used to characterize the intrinsic difference between normal action and intrusion behavior. So HMM is an efficient way to detect anomalies. A new anomaly detection method based on a hierarchical HMM is proposed based on the concept of normal database and abnormal database. It is shown by analysis and simulation results that the proposed method is effective to increase the accuracy of anomaly detection.","PeriodicalId":145111,"journal":{"name":"Proceedings of the Fourth International Conference on Parallel and Distributed Computing, Applications and Technologies","volume":"16 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2003-10-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"44","resultStr":"{\"title\":\"A new anomaly detection method based on hierarchical HMM\",\"authors\":\"Xiaoqiang Zhang, P. Fan, Zhongliang Zhu\",\"doi\":\"10.1109/PDCAT.2003.1236299\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The state transition, which is hidden in the hidden Markov model (HMM), can be used to characterize the intrinsic difference between normal action and intrusion behavior. So HMM is an efficient way to detect anomalies. A new anomaly detection method based on a hierarchical HMM is proposed based on the concept of normal database and abnormal database. It is shown by analysis and simulation results that the proposed method is effective to increase the accuracy of anomaly detection.\",\"PeriodicalId\":145111,\"journal\":{\"name\":\"Proceedings of the Fourth International Conference on Parallel and Distributed Computing, Applications and Technologies\",\"volume\":\"16 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2003-10-20\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"44\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of the Fourth International Conference on Parallel and Distributed Computing, Applications and Technologies\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/PDCAT.2003.1236299\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the Fourth International Conference on Parallel and Distributed Computing, Applications and Technologies","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/PDCAT.2003.1236299","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 44

摘要

隐藏在隐马尔可夫模型(HMM)中的状态转移可以用来表征正常行为和入侵行为之间的内在差异。HMM是一种有效的异常检测方法。基于正常数据库和异常数据库的概念，提出了一种基于层次HMM的异常检测方法。分析和仿真结果表明，该方法能有效提高异常检测的精度。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

A new anomaly detection method based on hierarchical HMM

The state transition, which is hidden in the hidden Markov model (HMM), can be used to characterize the intrinsic difference between normal action and intrusion behavior. So HMM is an efficient way to detect anomalies. A new anomaly detection method based on a hierarchical HMM is proposed based on the concept of normal database and abnormal database. It is shown by analysis and simulation results that the proposed method is effective to increase the accuracy of anomaly detection.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Proceedings of the Fourth International Conference on Parallel and Distributed Computing, Applications and Technologies

自引率

0.00%

发文量