Abstract
As the use of Internet increases, cyber attacks and their severity also increase. Since it is not possible to compromise on security, intrusion detection systems (IDSs) become critical component in a secure organization. IDSs detect an attack only after it has occurred. When use in a high-traffic network, IDSs produce a large number of alerts. The false-positive (FP) rate increases with this. In this paper, we propose a framework for predicting future attacks by combining two machine-learning methods: genetic algorithm (GA) and hidden Markov model (HMM). It has two major components in which the first component makes use of GA to derive efficient intrusion detection rules and thereafter a precise detection of attacks. The second component uses HMM to predict the next attack class of the attacker. So combining these together is a good idea and gives a good intrusion prediction capability with reduced FP rate.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
T. Xia, G. Qu, S. Hariri, M. Yousif, in An Efficient Network Intrusion Detection Method Based on Information Theory And Genetic Algorithm. Performance, Computing, and Communications Conference, 2005. IPCCC 2005. (2005), pp. 11–17
R.H. Gong, M. Zulkernine, P. Abolmaesumi, A software implementation of a genetic algorithm based approach to network intrusion detection, in Proceedings of the Sixth International Conference on Software Engineering, Artificial Intelligence, Networking and Parallel/Distributed Computing (2005)
B. Zhu, A.A. Ghorbani, Alert correlation for extracting attack strategies. Int. J. Netw. Secur. 3, 244–258 (2006)
D. Yu, D.A. Frincke, Improving the quality of alerts and predicting intruder’s next goal with hidden colored Petri-Net. Comput. Netw. 51, 632–654 (2007)
K. Haslum, A. Abraham, S. Knapskog, A, Dips framework for distributed intrusion prediction and prevention using hidden markov models and online fuzzy risk assessment, in 3rd International Symposium on Information Assurance and Security, pp. 183–188 (2007)
W. Li, Using genetic algorithm for network intrusion detection, in Proceedings of the United States Department of Energy Cyber Security Group, pp. 1–8 (2004)
M. Middlemiss, G. Dick, Feature selection of intrusion detection data using a hybrid genetic algorithm/KNN approach, in Design and Application of Hybrid Intelligent Systems, pp 519–527 (2003)
Lu Wei, A.I. Traore, Detecting new forms of network intrusion using genetic programming. Comput. Intell. 20(3), 475–494 (2004)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2015 Springer India
About this paper
Cite this paper
Divya, T., Muniasamy, K. (2015). Real-Time Intrusion Prediction Using Hidden Markov Model with Genetic Algorithm. In: Suresh, L., Dash, S., Panigrahi, B. (eds) Artificial Intelligence and Evolutionary Algorithms in Engineering Systems. Advances in Intelligent Systems and Computing, vol 324. Springer, New Delhi. https://doi.org/10.1007/978-81-322-2126-5_78
Download citation
DOI: https://doi.org/10.1007/978-81-322-2126-5_78
Published:
Publisher Name: Springer, New Delhi
Print ISBN: 978-81-322-2125-8
Online ISBN: 978-81-322-2126-5
eBook Packages: EngineeringEngineering (R0)