Intrusion intension recognition system and method based on hidden markov and probability inference

A technology for identifying systems and intentions, which is applied in the field of computer security and can solve the problem of ignoring the relationship between time and space of attacks.

Active Publication Date: 2017-05-17
CHONGQING UNIV OF POSTS & TELECOMM
View PDF7 Cites 24 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Although most of the methods consider the causal relationship between the attack steps of the compound attack, they ignore the time and space relationship between the two attacks.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Intrusion intension recognition system and method based on hidden markov and probability inference
  • Intrusion intension recognition system and method based on hidden markov and probability inference
  • Intrusion intension recognition system and method based on hidden markov and probability inference

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0027] The technical solutions in the embodiments of the present invention will be described clearly and in detail below with reference to the drawings in the embodiments of the present invention. The described embodiments are only some of the embodiments of the invention.

[0028] The technical scheme that the present invention solves the above-mentioned technical problem is,

[0029] Such as figure 1 Shown is the overall flow chart of the present invention, including: an intrusion data acquisition module, an attack model building module, a model parameter training module and a predictive analysis module, wherein the intrusion data acquisition module is used to obtain an intrusion data source; the attack model building module is used to Build an attack model, the attack model is divided into three layers of nodes, respectively attack event layer, sub-target layer and intent layer, first, the same source IP address, destination IP address and alarm type, but different attack...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses an intrusion intension recognition system and method based on hidden markov and probability inference, and belongs to the technical field of computer security. The method comprises the steps that firstly, due to the causal relationship existing among attack events, subgoals and intentions, a hierarchical bayesian network (HBN) is built for representing the causal relationship between the layers; secondly, the subgoals have the obvious time-order characteristics, and the hidden relationship for a target layer and an intention layer is learned based on a hidden markov model (HMM); finally, a multi-output hidden markov model (MO_HMM), a loop believable propagation algorithm (LBP) is introduced for optimizing the problem of single-probability output of a forward algorithm and a backward algorithm in HMM, and a plurality of possible intentions and probability can be reported.

Description

technical field [0001] The invention belongs to the technical field of computer security, and relates to intrusion intent identification, in particular to an intrusion intent identification method based on time series relationship and uncertainty information. Background technique [0002] With the development of computer networks, the amount of data increases exponentially. The data storage and network access methods in the big data environment make the cost of network attacks lower and the income higher. Existing intrusion intent identification methods are difficult to simulate real attack scenarios, and then effectively identify and predict their intent. Therefore, it is necessary to seek the hidden causal relationship behind a large number of attack events, and extract the attack intention based on the attack direction. [0003] Effectively extracting and predicting the attacker's attack intention is the key to effectively assessing security situation awareness. In rec...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/55H04L12/24H04L29/06G06F17/30
CPCG06F16/2282G06F21/554H04L41/145H04L63/1416H04L63/1441
Inventor 刘雨恬肖云鹏刘宴兵邝瑶李唯果赵金哲
Owner CHONGQING UNIV OF POSTS & TELECOMM
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap