AA-HMM: An Anti-Adversarial Hidden Markov Model for Network-Based Intrusion Detection

2018, Vol 8 (12), pp. 2421
Author(s): Chongya Song, Alexander Pons, Kang Yen

In the field of network intrusion, malware usually evades anomaly detection by disguising malicious behavior as legitimate access. Therefore, detecting these attacks from network traffic has become a challenge in this adversarial setting. In this paper, an enhanced Hidden Markov Model, called the Anti-Adversarial Hidden Markov Model (AA-HMM), is proposed to effectively detect evasion patterns, using the Dynamic Window and Threshold techniques to achieve adaptive, anti-adversarial, and online-learning abilities. In addition, a concept called Pattern Entropy is defined and acts as the foundation of AA-HMM. We evaluate the effectiveness of our approach employing two well-known benchmark data sets, NSL-KDD and CTU-13, in terms of the common performance metrics and the algorithm’s adaptation and anti-adversary abilities.

Data mining is a method for network intrusion detection. It brings ideas from a variety of areas including statistics, machine learning and database processes. Decreasing price of digital networking is now economically viable for network intrusion detection. This analysis chiefly examines network intrusion detection with machine learning and DM methods. To improve the accuracy and efficiency of SHMM, we collect multiple observations in SHMM, which will be called the Multiple Hidden Markov Model (MHMM). It is used to achieve better detection accuracy compared with SHMM. In the standard Hidden Markov Model, there are three fundamental problems: evaluation, decoding, and learning. The evaluation problem can be used for word recognition, and the decoding problem is related to constant attention and also segmentation. In this proposed research, the primary purpose is to model the sequence of observations in network logs and credit card log transaction processes using the Enhanced Hidden Markov Model (EHMM), and to show how it can be used for intrusion detection in networks. In this procedure, an EHMM is primarily trained with the conventional manners of intruders. If the trained EHMM does not recognize an incoming intruder transaction with adequately high probability, it is thought to be fraudulent.


2018, Vol 7 (2.32), pp. 153
Author(s): N Arunachalam, P Prabavathy, S Priyatharshini

Credit card fake detection has raised unique challenges due to the streaming, imbalanced, and non-stationary nature of the data that has been transacted. It additionally includes an active learning step, since the labeling (fake or genuine) of a subset of transactions is obtained in near-real time through human investigators contacting the cardholders. In this paper, the Hidden Markov Model (HMM) algorithm has been used on the sequence of credit card operations for transaction processing, and fakes can be detected by using the fake detection model during transaction processing. HMM, the fake detection model and image processing have played an imperative role in the detection of credit card fakes in online transactions. In fake detection, the most challenging aspect is a data problem, for two major reasons: first, the profiles of cardholders' normal and fraudulent behaviors change constantly, and second, credit card fake data sets are highly changed its position. Using the fake detection (FD) algorithm, the performance of detection in credit card transactions is highly affected by the sampling approach on the dataset and the selection of the HMM and fake detection model. With the fake detection (FD) algorithm, an image technique has been used. A reliable augmentation of the target scarce population of fakes is important considering issues such as labeling cost; algorithm HMM, fake detection and outlines in the data streamed source. We have approached several scenarios which showed the feasibility of improving detection capabilities, evaluated by means of receiver operating characteristic (ROC) curves and several key performance indicators (KPI) commonly used in financial business.


2014
Author(s): Hua Chen, Jody Hey, Montgomery Slatkin

Recent positive selection can increase the frequency of an advantageous mutant rapidly enough that a relatively long ancestral haplotype will remain intact around it. We present a hidden Markov model (HMM) to identify such haplotype structures. With HMM-identified haplotype structures, a population genetic model for the extent of ancestral haplotypes is then adopted for parameter inference of the selection intensity and the allele age. Simulations show that this method can detect selection under a wide range of conditions and has higher power than the existing frequency spectrum-based method. In addition, it provides good estimates of the selection coefficients and allele ages for strong selection. The method analyzes large data sets in a reasonable amount of running time. This method is applied to HapMap III data for a genome scan, and identifies a list of candidate regions putatively under recent positive selection. It is also applied to several genes known to be under recent positive selection, including the LCT, KITLG and TYRP1 genes in Northern Europeans, and OCA2 in East Asians, to estimate their allele ages and selection coefficients.


Author(s): Usman Haruna Nakorji, E A Adedokun, I J Umoh, Abdullazeez Shettima

This paper presents a 2-tier scheme for mitigating coordinated call attacks on VoIP networks. The call interaction pattern was considered using talk and salient periods in a VoIP call conversation. At the first tier, the Short Term Energy algorithm was used for call interaction feature extraction, and at the second tier a Hidden Markov Model was used for caller legitimacy recognition. Data of VoIP call conversations were collated and analyzed to extract distinctive features in the VoIP call interaction pattern to ascertain the legitimacy of a caller against a coordinated call attacker. The performance metrics that were used are: False Error Rate (FER), Specificity, Detection Accuracy and Throughput. Several experiments were conducted to see how effective the mitigating scheme is, as the scheme acts as a proxy server to the Session Initiation Protocol (SIP) server. The experiments show that when the VoIP server is under coordinated call attack without a mitigating scheme, only 15.2% of legitimate VoIP users had access to the VoIP network, and about half of those legitimate users had their calls dropped before completion, while with the 2-tier mitigating scheme, when the VoIP server is under coordinated call attacks, over 90.3% of legitimate VoIP callers had their calls through to completion.

