Viterbi algorithm for intrusion type identification in anomaly detection system

Ja Min Koo, Sung-Bae Cho

Research output: Contribution to journal › Article

1 Citation (Scopus)

Abstract

Due to the proliferation of the infrastructure of communication networks and the development of the relevant technology, intrusions on computer systems and damage have increased, resulting in extensive work on intrusion detection systems (IDS) to find attacks exploiting illegal usages or misuses. However, many IDSs have some weaknesses, and most hackers try to intrude into systems through these vulnerabilities. In this paper, we develop an intrusion detection system based on anomaly detection with a hidden Markov model and propose a method using the Viterbi algorithm for identifying the type of intrusion. Experimental results indicate that buffer overflow is well identified, while we have some difficulty identifying denial-of-service attacks with the proposed method.

Original language: English
Pages (from-to): 97-110
Number of pages: 14
Journal: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume: 2908
Publication status: Published - 2004 Dec 1

Fingerprint

Viterbi Algorithm
Anomaly Detection
Intrusion detection
Hidden Markov models
Telecommunication networks
Computer systems
Attack
Buffer Overflow
Denial of Service
Proliferation
Vulnerability
Communication Networks
Markov Model
Damage
Infrastructure
Experimental Results
Denial-of-service attack

All Science Journal Classification (ASJC) codes

  • Theoretical Computer Science
  • Computer Science(all)

Cite this

@article{94ac0865f0ed4ea7a723ca7379129d5b,
title = "Viterbi algorithm for intrusion type identification in anomaly detection system",
author = "Koo, {Ja Min} and Sung-Bae Cho",
year = "2004",
month = "12",
day = "1",
language = "English",
volume = "2908",
pages = "97--110",
journal = "Lecture Notes in Computer Science",
issn = "0302-9743",
publisher = "Springer Verlag",

}

TY - JOUR

T1 - Viterbi algorithm for intrusion type identification in anomaly detection system

AU - Koo, Ja Min

AU - Cho, Sung-Bae

PY - 2004/12/1

Y1 - 2004/12/1

N2 - Due to the proliferation of the infrastructure of communication networks and the development of the relevant technology, intrusions on computer systems and damage are increased, resulting in extensive work on intrusion detection systems (IDS) to find attacks exploiting illegal usages or misuses. However, many IDSs have some weaknesses, and most hackers try to intrude systems through the vulnerabilities. In this paper, we develop an intrusion detection system based on anomaly detection with hidden Markov model and propose a method using the Viterbi algorithm for identifying the type of intrusions. Experimental results indicate that the buffer overflow is well-identified, while we have some difficulties to identify the denial of service attacks with the proposed method.

UR - http://www.scopus.com/inward/record.url?scp=35048887474&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=35048887474&partnerID=8YFLogxK

M3 - Article

VL - 2908

SP - 97

EP - 110

JO - Lecture Notes in Computer Science

JF - Lecture Notes in Computer Science

SN - 0302-9743

ER -