作者投稿和查稿 主编审稿 专家审稿 编委审稿 远程编辑

计算机工程 ›› 2008, Vol. 34 ›› Issue (6): 131-133. doi: 10.3969/j.issn.1000-3428.2008.06.048

• 安全技术 • 上一篇    下一篇

基于隐马尔可夫模型的复合攻击预测方法

张松红,王亚弟,韩继红   

  1. (解放军信息工程大学电子技术学院,郑州 450004)
  • 收稿日期:1900-01-01 修回日期:1900-01-01 出版日期:2008-03-20 发布日期:2008-03-20

Approach to Forecasting Multi-step Attack Based on HMM

ZHANG Song-hong, WANG Ya-di, HAN Ji-hong   

  1. (Institute of Electronic Technology, PLA Information Engineering University, Zhengzhou 450004)
  • Received:1900-01-01 Revised:1900-01-01 Online:2008-03-20 Published:2008-03-20

摘要: 复合攻击成为网络攻击的主要形式之一,入侵检测系统仅能检测到攻击,但不能预测攻击。该文分析了传统的攻击预测方法的不足,提出一种基于隐马尔可夫模型的攻击预测方法,该方法使用隐马尔可夫模型中的Forward算法和Viterbi算法识别攻击者的攻击意图并预测下一步可能的攻击。通过实验验证了该方法的有效性。

关键词: 隐马尔可夫模型, 复合攻击, 攻击意图, 攻击预测

Abstract: The multi-step attack is one of the primary forms of the current attack. Intrusion detection system only detects attack, but cannt forecast next attack. This paper presents an approach to forecasting attack based on HMM after analyzing the defaults of some approaches to forecasting attack. To recognize the attacker’s attack intention and forecast next possible attack using the Forward and Viterbi algorithm. Experimental results prove the validity of the approach.

Key words: Hidden Markov Model(HMM), multi-attack, attack intention, forecast attack

中图分类号: