Zhang yanxue
College of Mathematics and Information Science, Hebei Normal University, Shijiazhuang, 050000, China
Zhao Dongmei
College of Information Technology, Hebei Normal University, Shijiazhuang, 050000, China
Liu Jinxing
The First Aeronautics College of PLAAF, Xinyang, 464000, China
ABSTRACT
We integrate multi-step attack forecasting with association rules, fuzzy evaluation and the Hidden Markov Model (HMM), and propose a method for forecasting multi-step attacks based on a fuzzy Hidden Markov Model. First, we fuse raw alerts into super alerts. Then we obtain the initial state matrix from the probability of the attack, determine the state transition matrix by association rules and obtain the observation matrix by fuzzy evaluation. Finally, we recognize the alerts belonging to attack scenarios with the Forward algorithm of the HMM and forecast the next possible attack sequence with the Viterbi algorithm of the HMM. Simulation experiment results verify the validity of the approach.
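The two HMM steps named in the abstract can be sketched as follows; this is an added example, not the authors' code. The state names, alert types and all probabilities are constructed, and the `forecast_next` rule (most probable transition out of the last decoded state) is an assumption of this example.

```python
# Constructed example: every state name, alert type and probability is made up.
STATES = ["scan", "exploit", "escalate", "exfiltrate"]     # hidden attack steps
ALERTS = ["portscan", "overflow", "rootshell", "ftp_out"]  # fused super-alert types

PI = [0.7, 0.2, 0.05, 0.05]  # initial state vector (attack probabilities)
A = [  # state transition matrix (the paper derives it from association rules)
    [0.3, 0.6, 0.05, 0.05],
    [0.05, 0.25, 0.6, 0.1],
    [0.05, 0.05, 0.3, 0.6],
    [0.1, 0.1, 0.1, 0.7],
]
B = [  # observation matrix (the paper derives it by fuzzy evaluation)
    [0.8, 0.1, 0.05, 0.05],
    [0.1, 0.7, 0.15, 0.05],
    [0.05, 0.15, 0.7, 0.1],
    [0.05, 0.05, 0.1, 0.8],
]
N = len(STATES)

def forward(obs):
    """P(obs | model): how well the alert sequence fits this attack scenario."""
    alpha = [PI[i] * B[i][obs[0]] for i in range(N)]
    for o in obs[1:]:
        alpha = [sum(alpha[i] * A[i][j] for i in range(N)) * B[j][o] for j in range(N)]
    return sum(alpha)

def viterbi(obs):
    """Most probable hidden attack-step sequence for the observed alerts."""
    delta = [PI[i] * B[i][obs[0]] for i in range(N)]
    back = []
    for o in obs[1:]:
        prev = [max(range(N), key=lambda i: delta[i] * A[i][j]) for j in range(N)]
        delta = [delta[prev[j]] * A[prev[j]][j] * B[j][o] for j in range(N)]
        back.append(prev)
    path = [max(range(N), key=lambda i: delta[i])]
    for prev in reversed(back):
        path.append(prev[path[-1]])
    return [STATES[i] for i in reversed(path)]

def forecast_next(obs):
    """Assumption of this example: next step = likeliest transition to a new state."""
    last = STATES.index(viterbi(obs)[-1])
    return STATES[max((j for j in range(N) if j != last), key=lambda j: A[last][j])]

observed = [ALERTS.index(a) for a in ["portscan", "overflow"]]
in_order, shuffled = forward(observed), forward(observed[::-1])
```

With several scenario models, the same `forward` score computed per model lets a defender rank which scenario an alert stream most likely belongs to before decoding it.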
Received: August 02, 2013;
Accepted: October 08, 2013;
Published: November 13, 2013
How to cite this article
Zhang yanxue, Zhao Dongmei and Liu Jinxing, 2013. Approach to Forecasting Multi-step Attack Based on Fuzzy Hidden Markov Model. Journal of Applied Sciences, 13: 4955-4960.
DOI: 10.3923/jas.2013.4955.4960
URL: https://scialert.net/abstract/?doi=jas.2013.4955.4960