Abstract

Intrusion detection systems perform well with single attack phase but not complex multi-step attacks which largely reduce their reliability. Multi-stage attack plan recognition aims at inferring attack plans and predicting upcoming attacks by analyzing the causal relationship between attack phases. Recent research often uses machine learning to deal with attack issues. However, some problems still exist. When probabilistic inference is applied to construct a causal network, researchers fail to take temporal sequence association into consideration, which makes it difficult for the model to deal with incomplete data. While the hidden Markov model can be used to recognize an attack plan, it cannot predict multiple intents nor their probabilities. This paper proposes a probability model based on the hidden Markov model and probabilistic inference responding to malicious events at runtime. This model uses online parameter updating rules which make it better suited to the rapidly changing cyber environment. Experimental results show that this model can achieve better performance compared to only using a single method and detect attack intent in an earlier stage.

Full Text
Paper version not known

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Similar Papers

Paper Title
Journal
Date
Author
Different serum soluble Fas levels in patients with allergic rhinitis and bronchial asthma.
M Kato ... Y Tamada
Allergy | VOL. 54
M Kato, et. al.M Kato ... Y Tamada
01 Dec 1999
Elevated HSP27 levels during attacks in patients with multiple sclerosis
P Ce ... O Erkizan
Acta Neurologica Scandinavica | VOL. 124
P Ce, et. al.P Ce ... O Erkizan
06 Jan 2011
Research on Key Technologies of Network Security Situational Awareness for Attack Tracking Prediction
Guang Kou ... Shuo Wang
Chinese Journal of Electronics | VOL. 28
Guang Kou, et. al.Guang Kou ... Shuo Wang
01 Jan 2019
Study on guidance approaches of hypersonic glide-cruise vehicle during cruise and attack phases
Xu Mingliang ... Tang Guojian
-
Xu Mingliang, et. al. Xu Mingliang ... Tang Guojian
01 Jun 2010
View more papers

More From: Computers & Security

Paper Title
Journal
Date
Author
An automated dynamic quality assessment method for cyber threat intelligence
Libin Yang ... Wei Lou
Computers & Security | VOL. -
Libin Yang, et. al.Libin Yang ... Wei Lou
01 Sep 2024
Dynamically Stabilized Recurrent Neural Network Optimized with Intensified Sand Cat Swarm Optimization for Intrusion Detection in Wireless Sensor Network
Dr A Punitha ... Dr Sridhar S
Computers & Security | VOL. -
Dr A Punitha, et. al.Dr A Punitha ... Dr Sridhar S
01 Sep 2024
AGLFuzz: Automata-Guided Fuzzing for detecting logic errors in security protocol implementations
Dongliang Zhao ... Xieli Zhang
Computers & Security | VOL. -
Dongliang Zhao, et. al.Dongliang Zhao ... Xieli Zhang
01 Sep 2024
GCN-MHSA: A novel malicious traffic detection method based on graph convolutional neural network and multi-head self-attention mechanism
Jinfu Chen ... Wuhao Guo
Computers & Security | VOL. -
Jinfu Chen, et. al.Jinfu Chen ... Wuhao Guo
01 Aug 2024
View more papers

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.