Abstract
Because of the excellent performance of the HMM (Hidden Markov Model), it has been widely used in pattern recognition. In recent years, the HMM has also been applied to the intrusion detection. The intrusion detection method based on the HMM is more efficient than other methods. Due to the high false alarm rate in the classical IDS based on HMM, this paper proposes a Fuzzy approach to the Hidden Markov Models (HMM), called Fuzzy Hidden Markov Models (FHMM). It is introduced with the Fuzzy logic. The system has the simplicity and flexibility to adapt pattern changes. With the IDS based on FHMM, its robustness and accurate rate of detection model are greatly improved. For these reasons, a new intrusion detection method based on FHMM was proposed in this paper. The proposed method differs from STIDE in that only one profile is created for the normal behavior of all applications using short sequences of system calls issued by the normal runs of the programs. Subsequent to this, HMM with simple states along with STIDE is used to categorize an unknown programpsilas sequence of system calls to be either normal or an intrusion. The results on 1998 DARPA data show that the our method results in low false positive rate with high detection rate.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.