Next Article in Journal
Evaluation of ARIMA Models for Human–Machine Interface State Sequence Prediction
Previous Article in Journal
The Winning Solution to the IEEE CIG 2017 Game Data Mining Competition
Open AccessArticle

Multi-Layer Hidden Markov Model Based Intrusion Detection System

Department of Electrical and Computer Engineering, Morgan State University, Baltimore, MD 21251, USA
*
Author to whom correspondence should be addressed.
Mach. Learn. Knowl. Extr. 2019, 1(1), 265-286; https://doi.org/10.3390/make1010017
Received: 14 October 2018 / Revised: 12 December 2018 / Accepted: 12 December 2018 / Published: 25 December 2018
(This article belongs to the Section Learning)
The all IP nature of the next generation (5G) networks is going to open a lot of doors for new vulnerabilities which are going to be challenging in preventing the risk associated with them. Majority of these vulnerabilities might be impossible to detect with simple networking traffic monitoring tools. Intrusion Detection Systems (IDS) which rely on machine learning and artificial intelligence can significantly improve network defense against intruders. This technology can be trained to learn and identify uncommon patterns in massive volume of traffic and notify, using such as alert flags, system administrators for additional investigation. This paper proposes an IDS design which makes use of machine learning algorithms such as Hidden Markov Model (HMM) using a multi-layer approach. This approach has been developed and verified to resolve the common flaws in the application of HMM to IDS commonly referred as the curse of dimensionality. It factors a huge problem of immense dimensionality to a discrete set of manageable and reliable elements. The multi-layer approach can be expanded beyond 2 layers to capture multi-phase attacks over longer spans of time. A pyramid of HMMs can resolve disparate digital events and signatures across protocols and platforms to actionable information where lower layers identify discrete events (such as network scan) and higher layers new states which are the result of multi-phase events of the lower layers. The concepts of this novel approach have been developed but the full potential has not been demonstrated. View Full-Text
Keywords: Intrusion Detection System (IDS); Hidden Markov Model (HMM); multi-stage attacks Intrusion Detection System (IDS); Hidden Markov Model (HMM); multi-stage attacks
Show Figures

Figure 1

MDPI and ACS Style

Zegeye, W.K.; Dean, R.A.; Moazzami, F. Multi-Layer Hidden Markov Model Based Intrusion Detection System. Mach. Learn. Knowl. Extr. 2019, 1, 265-286.

Show more citation formats Show less citations formats

Article Access Map by Country/Region

1
Back to TopTop