Application Research of Computers (计算机应用研究), 2009
Intrusion scenarios building based on hidden Markov models
Abstract:
This paper proposes a method for building intrusion scenarios using a hidden Markov model, and achieves the goal of automatically constructing higher-level intrusion scenarios from large numbers of low-level raw intrusion detection alerts. To simplify processing, the approach builds the intrusion scenario by abstracting the data flow twice and backtracking over it once on the data streams. Experimental results on the DARPA 2000 IDS test dataset indicate that the proposed algorithm is efficient.