Hidden Markov model for malicious hosts detection in a computer network

Ya. V. Bubnov; N. N. Ivanov

Geodesic

Parcourir par

Hidden Markov model for malicious hosts detection in a computer network

Ya. V. Bubnov ; N. N. Ivanov

Journal of the Belarusian State University. Mathematics and Informatics, Tome 3 (2020), pp. 73-79

Voir la notice de l'article provenant de la source Math-Net.Ru

Résumé

The problem of malicious host detection in a computer network is reviewed. Activity of computer network hosts is tracking by a noisy detector. The paper suggests method for detection malicious hosts using activity timeseries classification. The approach is based on hidden Markov chain model that analyses timeseries and consecutive search of the most probable final state of the model. Efficiency of the approach is based on assumption that advanced persisted threats are localised in time, therefore malicious hosts in a computer network can be detected by virtue of activity comparison with reliable safe hosts.

Keywords: hidden Markov model; computer network; advanced persisted threat; timeseries classification.

@article{BGUMI_2020_3_a6,
     author = {Ya. V. Bubnov and N. N. Ivanov},
     title = {Hidden {Markov} model for malicious hosts detection in a computer network},
     journal = {Journal of the Belarusian State University. Mathematics and Informatics},
     pages = {73--79},
     publisher = {mathdoc},
     volume = {3},
     year = {2020},
     language = {en},
     url = {http://geodesic.mathdoc.fr/item/BGUMI_2020_3_a6/}
}

TY  - JOUR
AU  - Ya. V. Bubnov
AU  - N. N. Ivanov
TI  - Hidden Markov model for malicious hosts detection in a computer network
JO  - Journal of the Belarusian State University. Mathematics and Informatics
PY  - 2020
SP  - 73
EP  - 79
VL  - 3
PB  - mathdoc
UR  - http://geodesic.mathdoc.fr/item/BGUMI_2020_3_a6/
LA  - en
ID  - BGUMI_2020_3_a6
ER  -

%0 Journal Article
%A Ya. V. Bubnov
%A N. N. Ivanov
%T Hidden Markov model for malicious hosts detection in a computer network
%J Journal of the Belarusian State University. Mathematics and Informatics
%D 2020
%P 73-79
%V 3
%I mathdoc
%U http://geodesic.mathdoc.fr/item/BGUMI_2020_3_a6/
%G en
%F BGUMI_2020_3_a6

Ya. V. Bubnov; N. N. Ivanov. Hidden Markov model for malicious hosts detection in a computer network. Journal of the Belarusian State University. Mathematics and Informatics, Tome 3 (2020), pp. 73-79. http://geodesic.mathdoc.fr/item/BGUMI_2020_3_a6/