A systematic review on intrusion detection based on the Hidden Markov Model. (27th April 2018)
- Record Type:
- Journal Article
- Title:
- A systematic review on intrusion detection based on the Hidden Markov Model. (27th April 2018)
- Main Title:
- A systematic review on intrusion detection based on the Hidden Markov Model
- Authors:
- Ahmadian Ramaki, Ali
Rasoolzadegan, Abbas
Javan Jafari, Abbas
- Abstract:
- Apart from using traditional security solutions in software systems such as firewalls and access control mechanisms, utilizing intrusion detection systems is also necessary. Intrusion detection is a process in which a set of methods are used to detect malicious activities against the victims. Many techniques for detecting potential intrusions in software systems have already been introduced. One of the most important techniques for intrusion detection based on machine learning is using Hidden Markov Models (HMM). In recent decades, many research communities have been working toward HMM‐based intrusion detection. Therefore, a large volume of research works has been published and hence, various research areas have emerged in this field. However, until now, there has been no systematic and up‐to‐date review of research works within the field. This paper aims to survey the research in this field and provide open problems and challenges based on the analysis of advantages, limitations, types of architectural models, and applications of current techniques. Six various architecture models for intrusion detection purposes are proposed in the literature. We compare these models based on performance criteria in order to select an appropriate type for a specific application. The results show that HMM‐based intrusion detection techniques have 6 main advantages—precise intrusion detection, ability to detect new and unknown intrusions, prediction of the intruder's potential next steps, usage in real‐time applications by processing data streams on‐the‐fly, usage of heterogeneous data sources as input, and visual representation of acquired knowledge relative to the other techniques of machine learning. …
- Is Part Of:
- Statistical analysis and data mining. Volume 11:Number 3(2018)
- Journal:
- Statistical analysis and data mining
- Issue:
- Volume 11:Number 3(2018)
- Issue Display:
- Volume 11, Issue 3 (2018)
- Year:
- 2018
- Volume:
- 11
- Issue:
- 3
- Issue Sort Value:
- 2018-0011-0003-0000
- Page Start:
- 111
- Page End:
- 134
- Publication Date:
- 2018-04-27
- Subjects:
- Hidden Markov Model -- intrusion detection -- intrusion detection system -- statistical learning -- system and network security
Data mining -- Statistical methods -- Periodicals
006.312
- Journal URLs:
- http://www3.interscience.wiley.com/journal/112701062/home
http://onlinelibrary.wiley.com/
- DOI:
- 10.1002/sam.11377
- Languages:
- English
- ISSNs:
- 1932-1864
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms)
- Physical Locations:
- British Library DSC - 8447.424100
British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store
- Ingest File:
- 6788.xml